exploitDog

CVE-2016-1185

Опубликовано: 25 апр. 2016

Источник: nvd

CVSS3: 2.5

CVSS2: 2.6

EPSS Низкий

Описание

The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.

Ссылки

http://jvn.jp/en/jp/JVN89026267/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000055
Vendor Advisory
http://www.securityfocus.com/bid/96842
https://support.cybozu.com/ja-jp/article/9479
Vendor Advisory
http://jvn.jp/en/jp/JVN89026267/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000055
Vendor Advisory
http://www.securityfocus.com/bid/96842
https://support.cybozu.com/ja-jp/article/9479
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cybozu:kintone:1.0.0:*:*:*:*:android:*:*

cpe:2.3:a:cybozu:kintone:1.0.1:*:*:*:*:android:*:*

cpe:2.3:a:cybozu:kintone:1.0.2:*:*:*:*:android:*:*

cpe:2.3:a:cybozu:kintone:1.0.3:*:*:*:*:android:*:*

cpe:2.3:a:cybozu:kintone:1.0.4:*:*:*:*:android:*:*

cpe:2.3:a:cybozu:kintone:1.0.5:*:*:*:*:android:*:*

EPSS

Процентиль: 47%

0.00241

Низкий

2.5 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-64p3-6rw8-rfch

CVSS3: 2.5

github

больше 3 лет назад

The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.

EPSS

Процентиль: 47%

0.00241

Низкий

2.5 Low

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-200