Insecure Transactions in Isaac Mizrahi Smartwatch Mobile App by HP
CVE-2017-2748

7.5HIGH

Key Information:

Vendor: Isaac Mizrahi
Status: Isaac Mizrahi Smartwatch Mobile App
Vendor: CVE Published:; 27 March 2019

🔔 Create Isaac Mizrahi Vulnerability Alert

What is CVE-2017-2748?

A security vulnerability has been discovered in early versions of the Isaac Mizrahi Smartwatch mobile app, arising from the use of insecure HTTP transactions during user login. While HP does not have access to customer data as a result of this issue, the vulnerability poses a risk that could allow malicious actors to intercept sensitive information during transmission. Users are encouraged to ensure they are using the latest versions of the app to mitigate this risk.

Affected Version(s)

Isaac Mizrahi Smartwatch Mobile App Isaac Mizrahi iOS app versions 1.0.2.10

Isaac Mizrahi Smartwatch Mobile App 1.2.2.12

Isaac Mizrahi Smartwatch Mobile App 1.3.7

References

https://support.hp.com/us-en/document/c05976868

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 27, 2019
Vulnerability Reserved
Dec 1, 2016

JSON