Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for ANA by ALL NIPPON AIRWAYS CO., LTD

    JVNDB-2018-000065

    Vulnerability from jvndb - Published: 2018-06-15 14:40 - Updated:2019-12-27 18:08
    Severity
    Summary
    ANA App for iOS fails to verify SSL server certificates
    Details
    ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates (CWE-295). Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000065.html",
      "dc:date": "2019-12-27T18:08+09:00",
      "dcterms:issued": "2018-06-15T14:40+09:00",
      "dcterms:modified": "2019-12-27T18:08+09:00",
      "description": "ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates (CWE-295).\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000065.html",
      "sec:cpe": {
        "#text": "cpe:/a:ana:all_nippon_airways",
        "@product": "ANA",
        "@vendor": "ALL NIPPON AIRWAYS CO., LTD",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000065",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN71535108/index.html",
          "@id": "JVN#71535108",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0611",
          "@id": "CVE-2018-0611",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0611",
          "@id": "CVE-2018-0611",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "ANA App for iOS fails to verify SSL server certificates"
    }

    JVNDB-2015-000164

    Vulnerability from jvndb - Published: 2015-10-28 14:50 - Updated:2018-03-07 13:50
    Severity
    N/A (UNKNOWN) - -
    Summary
    ANA App fails to verify SSL server certificates
    Details
    ANA App provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates. AOKI Keiichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000164.html",
      "dc:date": "2018-03-07T13:50+09:00",
      "dcterms:issued": "2015-10-28T14:50+09:00",
      "dcterms:modified": "2018-03-07T13:50+09:00",
      "description": "ANA App provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates.\r\n\r\nAOKI Keiichi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000164.html",
      "sec:cpe": {
        "#text": "cpe:/a:ana:all_nippon_airways",
        "@product": "ANA",
        "@vendor": "ALL NIPPON AIRWAYS CO., LTD",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2015-000164",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN25086409/index.html",
          "@id": "JVN#25086409",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5666",
          "@id": "CVE-2015-5666",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-5666",
          "@id": "CVE-2015-5666",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "ANA App fails to verify SSL server certificates"
    }