Lucene search
Japan Vulnerability NotesJVN:68156832HistoryAug 19, 2013 - 12:00 a.m.
JVN#68156832: Yafuoku! contains an issue where it fails to verify SSL server certificates
2013-08-1900:00:00
Japan Vulnerability Notes
jvn.jp
15
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
28.1%
Yafuoku! provided by Yahoo Japan Corporation contains an issue where it fails to verify SSL server certificates.
Impact
A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Yafuoku! ver.4.3.0 and earlier (for iOS, Android)
Related
nvd
nvd
CVE-2013-4699
2013-08-21 16:55:11
cve
cve
CVE-2013-4699
2022-10-03 16:14:57
prion
prion
Information disclosure
2013-08-21 16:55:00
cvelist
cvelist
CVE-2013-4699
2022-10-03 16:14:57
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
28.1%
Related for JVN:68156832