CVE-2017-2748

Published: Mar 27, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.

Affected (8)

Products: Hp: Isaac Mizrahi Smartwatch

1 product

Isaac Mizrahi Smartwatch

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Hp Isaac Mizrahi Smartwatch	Version 1.0.2.10
Hp Isaac Mizrahi Smartwatch	Version 1.0.201601214
Hp Isaac Mizrahi Smartwatch	Version 1.2.2.12
Hp Isaac Mizrahi Smartwatch	Version 1.2.2016040820
Hp Isaac Mizrahi Smartwatch	Version 1.3.2016052319
Hp Isaac Mizrahi Smartwatch	Version 1.3.7
Hp Isaac Mizrahi Smartwatch	Version 1.4.2016072601
Hp Isaac Mizrahi Smartwatch	Version 1.4.8

Related CWEs

CWE-254

References (2)

https://support.hp.com/us-en/document/c05976868

Source: hp-security-alert@hp.com

Vendor Advisory

https://support.hp.com/us-en/document/c05976868

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.