CVE-2024-39886

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App...

CVE-2024-39886

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App...

CVE-2024-39886

CVE-2024-39886 affects TONE store App versions 3.4.2 and earlier. Multiple connected sources confirm a cleartext channel between the TONE store App and the TONE store website, enabling a man-in-the-middle attack to obtain and/or alter communications of the affected app. Root cause is unprotected ...

CVE-2024-39886

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App...

CVE-2024-39886

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App...

PT-2024-28710 · Unknown · Tone Store App

Name of the Vulnerable Software and Affected Versions: TONE store App versions 3.4.2 and earlier Description: The issue is related to an unprotected primary channel in the TONE store App, which communicates with the TONE store website in cleartext. This could allow a man-in-the-middle attack,...

Cleartext transmission issue in TONE store App to TONE store

Overview TONE store App provided by DREAM TRAIN INTERNET INC. contains a cleartext transmission issue to TONE store website CWE-419. Kodai Karakawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

JVN#28515217: Cleartext transmission issue in TONE store App to TONE store

TONE store App provided by DREAM TRAIN INTERNET INC. contains a cleartext transmission issue to TONE store website CWE-419. Impact A man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App. Solution Update the application Update the application to...

TONE Store Application Security Vulnerability

TONE Store Application is an application from TONE Japan that allows users to install and manage mobile applications. A security vulnerability exists in TONE Store Application version 3.4.2 and prior versions, which originates from a vulnerability that allows arbitrary applications to be installe...