CVE-2016-4811

EPSS 0.44%
Veröffentlicht 19.06.2016 20:59:15
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle vultures@jpcert.or.jp
CVE-Watchlists
Login
Unerledigt
Login

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ntt-bp ≫ Japan Connected-free Wi-fi Version1.13.0 SwPlatformiphone_os

Ntt-bp ≫ Japan Connected-free Wi-fi Version1.15.1 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.44%	0.6

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.6	2.2	3.4	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://play.google.com/store/apps/details?id=com.nttbp.jfw

http://jvn.jp/en/jp/JVN46888319/278948/index.html

Vendor Advisory

http://jvn.jp/en/jp/JVN46888319/index.html

Vendor Advisory

http://jvndb.jvn.jp/jvndb/JVNDB-2016-000076

Vendor Advisory

https://itunes.apple.com/app/japan-connected-free-wi-fi/id810838196

https://nvd.nist.gov/vuln/detail/CVE-2016-4811

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4811

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4811

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-4811