Lucene search

[email protected]CVE-2015-5636

HistorySep 20, 2015 - 5:59 p.m.

CVE-2015-5636

2015-09-2017:59:04

CWE-264

[email protected]

web.nvd.nist.gov

cve-2015-5636

newphoria reversi

android

ios

api access

url whitelist protection mechanism

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.0%

JSON

The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.

Affected configurations

NVD

Node

newphoria_corporationreversiRange≤1.0.2android

newphoria_corporationreversiRange≤1.1ios

CPENameOperatorVersion
newphoria_corporation:reversinewphoria corporation reversile1.0.2
newphoria_corporation:reversinewphoria corporation reversile1.1

CPE	Name	Operator	Version
newphoria_corporation:reversi	newphoria corporation reversi	le	1.0.2
newphoria_corporation:reversi	newphoria corporation reversi	le	1.1

References

jvn.jp/en/jp/JVN67586379/995707/index.html

jvn.jp/en/jp/JVN67586379/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000134

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.0%

JSON

Related for CVE-2015-5636

prion1 jvn1 cvelist1 nvd1