5.9
CVE-2016-4818
- EPSS 0.93%
- Veröffentlicht 20.04.2017 18:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginDMMFX Trade for Android 1.5.0 and earlier, DMMFX DEMO Trade for Android 1.5.0 and earlier, and GAITAMEJAPAN FX Trade for Android 1.4.0 and earlier do not verify SSL certificates.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dmm ≫ Dmmfx Demo Trade SwPlatformandroid Version <= 1.5.0
Dmm ≫ Dmmfx Trade SwPlatformandroid Version <= 1.5.0
Dmm ≫ Gaitamejapan Fx Trade SwPlatformandroid Version <= 1.4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.93% | 0.559 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
http://fx.dmm.com/information/press/2016/2016053001/
http://jvn.jp/en/jp/JVN40898764/index.html
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000092.html
http://www.gaitamejapan.com/support/news/2016/2016053001/
https://jvn.jp/en/jp/JVN40898764/995849/index.html