HIGH 7.8
CVE-2017-15918
Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
CVSS v3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| ignitum | sera | iOS | — | cpe:2.3:a:ignitum:sera:1.2:*:*:*:*:iphone_os:*:* |