CVE-2016-4811

Опубликовано: 19 июн. 2016

Источник: nvd

CVSS3: 5.6

CVSS2: 5.1

EPSS Низкий

Описание

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.

Ссылки

http://jvn.jp/en/jp/JVN46888319/278948/index.html
Vendor Advisory
http://jvn.jp/en/jp/JVN46888319/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000076
Vendor Advisory
https://itunes.apple.com/app/japan-connected-free-wi-fi/id810838196
https://play.google.com/store/apps/details?id=com.nttbp.jfw
http://jvn.jp/en/jp/JVN46888319/278948/index.html
Vendor Advisory
http://jvn.jp/en/jp/JVN46888319/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000076
Vendor Advisory
https://itunes.apple.com/app/japan-connected-free-wi-fi/id810838196
https://play.google.com/store/apps/details?id=com.nttbp.jfw

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.13.0:*:*:*:*:iphone_os:*:*

cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.15.1:*:*:*:*:android:*:*

EPSS

Процентиль: 62%

0.00436

Низкий

5.6 Medium

CVSS3

5.1 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-jxxq-c44v-33mv