Search criteria
6 vulnerabilities found for vivobaby by asus
VAR-201906-0727
Vulnerability from variot - Updated: 2024-11-23 22:44The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. The program mainly monitors heart rate and exercise trajectory through smart watches. The vulnerability is due to the fact that the program does not verify the SSL certificate. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0727",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hivivo",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "5.6.27"
},
{
"model": "vivobaby",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "1.1.09"
},
{
"model": "hivivo",
"scope": "lt",
"trust": 0.8,
"vendor": "asustek computer",
"version": "5.6.27"
},
{
"model": "vivobaby",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:asus:hivivo",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:asus:vivobaby",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
}
]
},
"cve": "CVE-2017-17945",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-17945",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-109018",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-17945",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17945",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-17945",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-910",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-109018",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation. The program mainly monitors heart rate and exercise trajectory through smart watches. The vulnerability is due to the fact that the program does not verify the SSL certificate. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17945"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "VULHUB",
"id": "VHN-109018"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17945",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-22300",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-109018",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"id": "VAR-201906-0727",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-109018"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:44:58.386000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS Vivobaby",
"trust": 0.8,
"url": "https://play.google.com/store/apps/details?id=com.asus.vivobaby\u0026hl=ja"
},
{
"title": "HiVivo for ASUS VivoWatch",
"trust": 0.8,
"url": "https://play.google.com/store/apps/details?id=com.hivivo.dountapp\u0026hl=ja"
},
{
"title": "ASUS HiVivo aspplication for ASUS Watch Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94042"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17945"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17945"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-109018"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-109018"
},
{
"date": "2019-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"date": "2019-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"date": "2019-06-24T19:15:10.273000",
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-03T00:00:00",
"db": "VULHUB",
"id": "VHN-109018"
},
{
"date": "2019-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014546"
},
{
"date": "2019-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-910"
},
{
"date": "2024-11-21T03:19:01.740000",
"db": "NVD",
"id": "CVE-2017-17945"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ASUS HiVivo Vulnerabilities related to certificate validation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014546"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-910"
}
],
"trust": 0.6
}
}
VAR-201906-0726
Vulnerability from variot - Updated: 2024-11-23 22:30The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. ASUS Vivobaby for Android is an Android platform-based baby physiological monitor control and management application developed by China Taiwan ASUS Corporation. There is a trust management issue vulnerability in ASUS Vivobaby versions earlier than 1.1.09 based on the Android platform. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0726",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "hivivo",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "5.6.27"
},
{
"model": "vivobaby",
"scope": "lt",
"trust": 1.0,
"vendor": "asus",
"version": "1.1.09"
},
{
"model": "hivivo",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "vivobaby",
"scope": "lt",
"trust": 0.8,
"vendor": "asustek computer",
"version": "1.1.09"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:asus:hivivo",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:asus:vivobaby",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
}
]
},
"cve": "CVE-2017-17944",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-17944",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-109017",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-17944",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-17944",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2017-17944",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-822",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-109017",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. ASUS Vivobaby for Android is an Android platform-based baby physiological monitor control and management application developed by China Taiwan ASUS Corporation. There is a trust management issue vulnerability in ASUS Vivobaby versions earlier than 1.1.09 based on the Android platform. This vulnerability stems from the lack of an effective trust management mechanism in network systems or products. Attackers can use default passwords or hard-coded passwords, hard-coded certificates, etc. to attack affected components",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17944"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "VULHUB",
"id": "VHN-109017"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-17944",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-109017",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"id": "VAR-201906-0726",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-109017"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:30:01.323000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ASUS Vivobaby",
"trust": 0.8,
"url": "https://play.google.com/store/apps/details?id=com.asus.vivobaby\u0026hl=ja"
},
{
"title": "HiVivo for ASUS VivoWatch",
"trust": 0.8,
"url": "https://play.google.com/store/apps/details?id=com.hivivo.dountapp\u0026hl=ja"
},
{
"title": "ASUS Vivobaby for Android Remediation measures for authorization problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=93971"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17944"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17944"
},
{
"trust": 0.8,
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-109017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-109017"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-109017"
},
{
"date": "2019-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"date": "2019-06-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"date": "2019-06-20T15:15:10.537000",
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-109017"
},
{
"date": "2019-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-014532"
},
{
"date": "2019-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-822"
},
{
"date": "2024-11-21T03:19:01.600000",
"db": "NVD",
"id": "CVE-2017-17944"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android for ASUS Vivobaby Application validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-014532"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-822"
}
],
"trust": 0.6
}
}
CVE-2017-17945 (GCVE-0-2017-17945)
Vulnerability from nvd – Published: 2019-06-24 18:22 – Updated: 2024-08-05 21:06
VLAI?
Summary
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2017-12-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:06:49.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T18:22:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues",
"refsource": "MISC",
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17945",
"datePublished": "2019-06-24T18:22:42.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:06:49.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17944 (GCVE-0-2017-17944)
Vulnerability from nvd – Published: 2019-06-20 15:00 – Updated: 2024-08-05 21:06
VLAI?
Summary
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:06:49.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T15:00:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues",
"refsource": "MISC",
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17944",
"datePublished": "2019-06-20T15:00:14.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:06:49.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17945 (GCVE-0-2017-17945)
Vulnerability from cvelistv5 – Published: 2019-06-24 18:22 – Updated: 2024-08-05 21:06
VLAI?
Summary
The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2017-12-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:06:49.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-24T18:22:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ASUS HiVivo aspplication before 5.6.27 for ASUS Watch has Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues",
"refsource": "MISC",
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17945",
"datePublished": "2019-06-24T18:22:42.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:06:49.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17944 (GCVE-0-2017-17944)
Vulnerability from cvelistv5 – Published: 2019-06-20 15:00 – Updated: 2024-08-05 21:06
VLAI?
Summary
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:06:49.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-20T15:00:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues",
"refsource": "MISC",
"url": "http://firstsight.me/2017/12/lack-of-binary-protection-at-asus-vivo-baby-and-hivivo-for-android-that-could-result-of-several-security-issues"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17944",
"datePublished": "2019-06-20T15:00:14.000Z",
"dateReserved": "2017-12-28T00:00:00.000Z",
"dateUpdated": "2024-08-05T21:06:49.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}