5.9
CVE-2016-4840
- EPSS 0.58%
- Veröffentlicht 21.04.2017 14:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginCoordinate Plus App for Android 1.0.2 and earlier and Coordinate Plus App for iOS 1.0.2 and earlier do not verify SSL certificates.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Toshiba ≫ Coordinate Plus SwPlatformandroid Version <= 1.0.2
Toshiba ≫ Coordinate Plus SwPlatformiphone_os Version <= 1.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.58% | 0.664 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.