Search

Find a vulnerability

Search criteria

    1 vulnerability found for Coordinate Plus App by TOSHIBA

    JVNDB-2016-000133

    Vulnerability from jvndb - Published: 2016-08-04 13:41 - Updated:2017-05-23 14:28
    Severity
    Summary
    Coordinate Plus App fails to verify SSL server certificates
    Details
    Coordinate Plus App provided by Toshiba Corporation fails to verify SSL server certificates. Gaku Taniguchi of RiskFinder,inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000133.html",
      "dc:date": "2017-05-23T14:28+09:00",
      "dcterms:issued": "2016-08-04T13:41+09:00",
      "dcterms:modified": "2017-05-23T14:28+09:00",
      "description": "Coordinate Plus App provided by Toshiba Corporation fails to verify SSL server certificates.\r\n\r\nGaku Taniguchi of RiskFinder,inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000133.html",
      "sec:cpe": {
        "#text": "cpe:/a:toshiba:coordinate_plus",
        "@product": "Coordinate Plus App",
        "@vendor": "TOSHIBA",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000133",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN06920277/index.html",
          "@id": "JVN#06920277",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4840",
          "@id": "CVE-2016-4840",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-4840",
          "@id": "CVE-2016-4840",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Coordinate Plus App fails to verify SSL server certificates"
    }