PT-2022-20014 · Rocket.Chat · Rocket.Chat Mobile
Dago_669
·
Published
2022-09-23
·
Updated
2022-09-27
·
CVE-2022-30124
CVSS v3.1
6.8
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Rocket.Chat Mobile App versions prior to 4.14.1.22788
Description
An issue exists where an attacker with physical access to a mobile device can bypass local authentication, such as a PIN code, due to improper authentication.
Recommendations
For versions prior to 4.14.1.22788, update to version 4.14.1.22788 or later to resolve the issue.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rocket.Chat Mobile