Access Control Vulnerability in Mercedes me iOS App v1.34.0 and Below Allows Unauthorized Cart Viewing

Access Control Vulnerability in Mercedes me iOS App v1.34.0 and Below Allows Unauthorized Cart Viewing

CVE-2023-47392 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

Learn more about our Cis Benchmark Audit For Apple Ios.