{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-30T14:34:25.238","vulnerabilities":[{"cve":{"id":"CVE-2024-4303","sourceIdentifier":"twcert@cert.org.tw","published":"2024-04-29T06:15:18.457","lastModified":"2026-06-17T08:01:38.060","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly implemented. Remote attackers who obtain user credentials can bypass MFA, allowing them to successfully log into the APP."},{"lang":"es","value":"La autenticación multifactor (MFA) de la aplicación Android ArmorX para la función de inicio de sesión no está implementada correctamente. Los atacantes remotos que obtienen credenciales de usuario pueden eludir MFA, lo que les permite iniciar sesión con éxito en la APLICACIÓN."}],"affected":[{"source":"twcert@cert.org.tw","affectedData":[{"vendor":"ArmorX ","product":"ArmorX APP","defaultStatus":"unaffected","platforms":["Android"],"versions":[{"version":"earlier","lessThanOrEqual":"1.5.2","versionType":"custom","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"armorx","product":"android_app","defaultStatus":"unknown","cpes":["cpe:2.3:a:armorx:android_app:-:*:*:*:*:*:*:*"],"versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-29T14:34:00.460543Z","id":"CVE-2024-4303","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-7781-ef309-1.html","source":"twcert@cert.org.tw"},{"url":"https://www.twcert.org.tw/tw/cp-132-7781-ef309-1.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}