CVE-2022-46081

Name of the Vulnerable Software and Affected Versions Garmin Connect version 4.61

Description The issue concerns the exposure of private personal information through the LiveTrack API when a LiveTrack session is terminated. This problem is noted in Garmin Connect, where ending a session does not prevent the continued exposure of sensitive information. It's worth mentioning that the vendor disputes this issue, citing that the LiveTrack API service is not a customer-controlled product.

Recommendations For Garmin Connect version 4.61, consider disabling the LiveTrack feature until a resolution is provided to prevent the exposure of private personal information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.