Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:ypsomed:mylife:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-27503 |
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application encrypts on the application layer of the communication protocol between the Ypsomed mylife App and mylife Cloud credentials based on hard-coded secrets, which allows man-in-the-middle attackers to tamper with messages. Published: August 02, 2021; 5:15:08 PM -0400 |
V3.1: 4.8 MEDIUM V2.0: 5.8 MEDIUM |
CVE-2021-27499 |
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages. Published: August 02, 2021; 5:15:08 PM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-27495 |
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,he Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from a HTTPS endpoint to a HTTP endpoint. Published: July 30, 2021; 6:15:07 PM -0400 |
V3.1: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2021-27491 |
Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,The Ypsomed mylife Cloud discloses password hashes during the registration process. Published: July 30, 2021; 6:15:07 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |