CVE-2021-3179

GGLocker iOS application, contains an insecure data storage of the password hash value which results in an authentication bypass.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Common Weakness Enumeration
References
https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone
https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m
https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8
https://apps.apple.com/us/app/gglocker/id1449241376#?platform=iphone
https://github.com/ggreco/gglocker/blob/master/gglocker/LoginCheck.m
https://medium.com/%40ksteo11/yet-another-password-manager-app-how-to-better-secure-it-8e9df2ce35c8