Vulnerability Description
WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eigen\&Wijzer Ouderapp Project | Eigen\&Wijzer Ouderapp | < 1.1.22 |
Related Weaknesses (CWE)
References
- https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326ProductRelease NotesThird Party Advisory
- https://github.com/Fopje/CVE-2022-36539ExploitThird Party Advisory
- https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326ProductRelease NotesThird Party Advisory
- https://github.com/Fopje/CVE-2022-36539ExploitThird Party Advisory
FAQ
What is CVE-2022-36539?
CVE-2022-36539 is a vulnerability with a CVSS score of 7.5 (HIGH). WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.
How severe is CVE-2022-36539?
CVE-2022-36539 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-36539?
Check the references section above for vendor advisories and patch information. Affected products include: Eigen\&Wijzer Ouderapp Project Eigen\&Wijzer Ouderapp.