CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2018/06/26 2:29 p.m.•14 views

CVE-2018-0611

The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

7.4CVSS6.8AI score0.00503EPSS

Exploits0References2

Prion•added 2018/06/26 2:29 p.m.•9 views

Design/Logic Flaw

5.8CVSS6.7AI score0.00503EPSS

Exploits0References2Affected Software1

CVE•added 2018/06/26 2:0 p.m.•38 views

CVE-2018-0611

The CVE-2018-0611 issue affects the ANA App for iOS (version 4.0.22 and earlier), where the app does not verify X.509 certificates from SSL servers (CWE-295). This allows a man-in-the-middle to spoof servers and obtain or alter sensitive information via crafted certificates. Descriptions and refe...

7.4CVSS6.7AI score0.00503EPSS

Exploits0References2Affected Software1

Cvelist•added 2018/06/26 2:0 p.m.•13 views

CVE-2018-0611

6.8AI score0.00503EPSS

Exploits0References2

Japan Vulnerability Notes•added 2018/06/15 12:0 a.m.•78 views

JVN#71535108: ANA App for iOS fails to verify SSL server certificates

ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates CWE-295. Impact A man-in-the-middle attack may allow an attacker to obtain and/or alter on a content of communication. Solution Update the Application Update to the latest version according to the...

7.4CVSS7AI score0.00503EPSS

Exploits0

Prion•added 2017/09/25 9:29 p.m.•13 views

Code injection

ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier does not verify SSL certificates...

4.3CVSS6.9AI score0.00898EPSS

Exploits0References3Affected Software1

NVD•added 2017/09/25 9:29 p.m.•10 views

CVE-2015-5666

ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier does not verify SSL certificates...

5.9CVSS5.6AI score0.00898EPSS

Exploits0References3

CVE•added 2017/09/25 9:0 p.m.•39 views

CVE-2015-5666

CVE-2015-5666 affects the ANA App family: Android 3.1.1 and earlier, and iOS 3.3.6 and earlier. The root issue is that the apps do not verify SSL server certificates, enabling potential Man-in-the-Middle attacks and eavesdropping on encrypted traffic. Concrete details from the connected sources c...

5.9CVSS5.5AI score0.00898EPSS

Exploits0References3Affected Software1

Cvelist•added 2017/09/25 9:0 p.m.•17 views

CVE-2015-5666

ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier does not verify SSL certificates...

5.5AI score0.00898EPSS

Exploits0References3

Japan Vulnerability Notes•added 2015/10/28 12:0 a.m.•40 views

JVN#25086409: ANA App fails to verify SSL server certificates

ANA App provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...

5.9CVSS5.3AI score0.00898EPSS

Exploits0

Prion•added 2014/09/28 1:55 a.m.•13 views

Design/Logic Flaw

The American Nurses Association aka com.dub.poweredbydub.assoc.ana application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00266EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by