CVE-2022-36539

WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Common Weakness Enumeration
References
https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326
https://github.com/Fopje/CVE-2022-36539
https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326
https://github.com/Fopje/CVE-2022-36539