CVE-2017-2748

Summary

A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.

Affected Software

VendorProductVersion RangeStatus
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile AppIsaac Mizrahi iOS app versions 1.0.2.10affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile App1.2.2.12affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile App1.3.7affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile Appand 1.4.8. Isaac Mizrahi Android app versions 1.0.201601214affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile App1.2.2016040820affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile App1.3.2016052319affected
Isaac MizrahiIsaac Mizrahi Smartwatch Mobile App1.4.2016072601affected

Weaknesses

  • Insecure HTTP during login.

ADP Enrichment

CVE Program Container

Additional References

References