Vulnerability Details : CVE-2023-37513
When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which may reveal sensitive information.
Products affected by CVE-2023-37513
- cpe:2.3:a:hcltech:traveler_to_do:*:*:*:*:*:iphone_os:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-37513
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 7 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-37513
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | |
3.3
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
1.8
|
1.4
|
HCL Software |
References for CVE-2023-37513
-
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106692
Security Bulletin: HCL Traveler To Do is vulnerable to revealing sensitive information via the task switcher (CVE-2023-37513)Vendor Advisory
Jump to