Search

Find a vulnerability

Search criteria

    1 vulnerability found for niconico by DWANGO Co., Ltd.

    JVNDB-2015-000137

    Vulnerability from jvndb - Published: 2015-09-29 14:05 - Updated:2018-03-07 12:26
    Severity
    N/A (UNKNOWN) - -
    Summary
    niconico App for iOS fails to verify SSL server certificates
    Details
    niconico App for iOS provided by DWANGO Co., Ltd. fails to verify SSL server certificates. AOKI Keiichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000137.html",
      "dc:date": "2018-03-07T12:26+09:00",
      "dcterms:issued": "2015-09-29T14:05+09:00",
      "dcterms:modified": "2018-03-07T12:26+09:00",
      "description": "niconico App for iOS provided by DWANGO Co., Ltd. fails to verify SSL server certificates.\r\n\r\nAOKI Keiichi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000137.html",
      "sec:cpe": {
        "#text": "cpe:/a:dwango:niconico",
        "@product": "niconico",
        "@vendor": "DWANGO Co., Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2015-000137",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN20355129/index.html",
          "@id": "JVN#20355129",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5639",
          "@id": "CVE-2015-5639",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-5639",
          "@id": "CVE-2015-5639",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "niconico App for iOS fails to verify SSL server certificates"
    }