Search

Find a vulnerability

Search criteria

    3 vulnerabilities by Nihon Unisys, Ltd.

    CVE-2016-7805 (GCVE-0-2016-7805)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
    Severity
    No CVSS data available.
    CWE
    • Fails to verify SSL certificates
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94085 vdb-entryx_refsource_BID
    https://jvn.jp/en/jp/JVN27260483/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Date Public
    2016-11-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94085"
              },
              {
                "name": "JVN#27260483",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "mobiGate App for Android",
              "vendor": "Nihon Unisys, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.2.1.2 and earlier"
                }
              ]
            },
            {
              "product": "mobiGate App for iOS",
              "vendor": "Nihon Unisys, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.2.4.1 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-11-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to verify SSL certificates",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "94085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94085"
            },
            {
              "name": "JVN#27260483",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7805",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "mobiGate App for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.2.1.2 and earlier"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "mobiGate App for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.2.4.1 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Nihon Unisys, Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to verify SSL certificates"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94085"
                },
                {
                  "name": "JVN#27260483",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7805",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.113Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7805 (GCVE-0-2016-7805)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
    Severity
    No CVSS data available.
    CWE
    • Fails to verify SSL certificates
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94085 vdb-entryx_refsource_BID
    https://jvn.jp/en/jp/JVN27260483/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Date Public
    2016-11-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94085"
              },
              {
                "name": "JVN#27260483",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "mobiGate App for Android",
              "vendor": "Nihon Unisys, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.2.1.2 and earlier"
                }
              ]
            },
            {
              "product": "mobiGate App for iOS",
              "vendor": "Nihon Unisys, Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "version 2.2.4.1 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2016-11-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Fails to verify SSL certificates",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "94085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94085"
            },
            {
              "name": "JVN#27260483",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7805",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "mobiGate App for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.2.1.2 and earlier"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "mobiGate App for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "version 2.2.4.1 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Nihon Unisys, Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Fails to verify SSL certificates"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94085"
                },
                {
                  "name": "JVN#27260483",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN27260483/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7805",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.113Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2016-000213

    Vulnerability from jvndb - Published: 2016-11-01 13:47 - Updated:2018-01-17 12:18
    Severity
    Summary
    mobiGate App fails to verify SSL server certificates
    Details
    mobiGate App provided by Nihon Unisys, Ltd. fails to verify SSL server certificates. Gaku Taniguchi of RiskFinder,inc. reported this vulnerability to Nihon Unisys, Ltd., and Nihon Unisys, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Nihon Unisys, Ltd. coordinated under the Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000213.html",
      "dc:date": "2018-01-17T12:18+09:00",
      "dcterms:issued": "2016-11-01T13:47+09:00",
      "dcterms:modified": "2018-01-17T12:18+09:00",
      "description": "mobiGate App provided by Nihon Unisys, Ltd. fails to verify SSL server certificates.\r\n\r\nGaku Taniguchi of RiskFinder,inc. reported this vulnerability to Nihon Unisys, Ltd., and Nihon Unisys, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Nihon Unisys, Ltd. coordinated under the Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000213.html",
      "sec:cpe": {
        "#text": "cpe:/a:unisys:mobigate",
        "@product": "mobiGate",
        "@vendor": "Nihon Unisys, Ltd.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.0",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000213",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN27260483/index.html",
          "@id": "JVN#27260483",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7805",
          "@id": "CVE-2016-7805",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7805",
          "@id": "CVE-2016-7805",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "mobiGate App fails to verify SSL server certificates"
    }