Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:43 a.m.5 views

CVE-2019-5954

JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors...

9.1CVSS6.9AI score0.01921EPSS
Exploits0References1
NVD
NVD
added 2019/05/17 4:29 p.m.28 views

CVE-2019-5954

JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors...

9.1CVSS8.8AI score0.01921EPSS
Exploits0References2
CVE
CVE
added 2019/05/17 3:25 p.m.46 views

CVE-2019-5954

CVE-2019-5954 relates to the JR East Japan train operation information push notification App for Android (version 1.2.4 and earlier). The connected documents identify an access control error (CWE-284) in the API server that fails to restrict access permissions, enabling a remote attacker to obtai...

9.1CVSS8.8AI score0.01921EPSS
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/04/01 6:42 a.m.3 views

API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions

Overview JR East Japan train operation information push notification App for Android provided by East Japan Railway Company fails to restrict access permissions CWE-284. The application is no longer available/supported, and its service was ended in 2019 march 23. Tomoya Takahashi of TCU...

9.1CVSS6.6AI score0.01921EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/04/01 12:0 a.m.127 views

JVN#01119243: API server used by JR East Japan train operation information push notification App for Android fails to restrict access permissions

JR East Japan train operation information push notification App for Android provided by East Japan Railway Company fails to restrict access permissions CWE-284. The application is no longer available/supported, and its service was ended in 2019 march 23. Impact A remote attacker may obtain or alt...

9.1CVSS9AI score0.01921EPSS
Exploits0
CVE
CVE
added 2014/06/19 10:0 a.m.48 views

CVE-2014-2001

The CVE-2014-2001 entry concerns the JR East Japan Android app (prior to version 1.2.0). The underlying issue is that the app does not verify X.509 certificates from SSL servers, enabling MITM attackers to obtain sensitive information via a crafted certificate. Impact is information disclosure of...

5.8CVSS6AI score0.00582EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/06/19 10:0 a.m.18 views

CVE-2014-2001

The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate...

5.8AI score0.00582EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/06/18 12:0 a.m.35 views

JVN#10603428: JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates

JR East Japan App for Android. contains an issue where it fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by...

5.8CVSS6.1AI score0.00582EPSS
Exploits0
Rows per page
Query Builder