Client-Side Enforcement of Server-Side Security
CVE-2024-12603
Summary
A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing the application password.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-602 - Client-Side Enforcement of Server-Side Security
The software is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.
References
Advisory Timeline
- Published
