Vulnerabilities > Oklok Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-04 | CVE-2020-8792 | Use of Insufficiently Random Values vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has an information-exposure issue. | 5.3 |
| 2020-05-04 | CVE-2020-8791 | Authorization Bypass Through User-Controlled Key vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) allows remote attackers to submit API requests using authenticated but unauthorized tokens, resulting in IDOR issues. | 6.5 |
| 2020-05-04 | CVE-2020-8790 | Weak Password Requirements vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) has weak password requirements combined with improper restriction of excessive authentication attempts, which could allow a remote attacker to discover user credentials and obtain access via a brute force attack. | 9.8 |
| 2020-05-04 | CVE-2020-10876 | Improper Restriction of Excessive Authentication Attempts vulnerability in Oklok Project Oklok 3.1.1 The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. | 7.5 |