Search
Find a vulnerability
Search criteria
3 vulnerabilities by Nihon Unisys, Ltd.
CVE-2016-7805 (GCVE-0-2016-7805)
Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
VLAI
EPSS
VEX
Summary
The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity
No CVSS data available.
CWE
- Fails to verify SSL certificates
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/94085 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN27260483/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nihon Unisys, Ltd. | mobiGate App for Android |
Affected:
version 2.2.1.2 and earlier
|
|
| Nihon Unisys, Ltd. | mobiGate App for iOS |
Affected:
version 2.2.4.1 and earlier
|
Date Public
2016-11-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mobiGate App for Android",
"vendor": "Nihon Unisys, Ltd.",
"versions": [
{
"status": "affected",
"version": "version 2.2.1.2 and earlier"
}
]
},
{
"product": "mobiGate App for iOS",
"vendor": "Nihon Unisys, Ltd.",
"versions": [
{
"status": "affected",
"version": "version 2.2.4.1 and earlier"
}
]
}
],
"datePublic": "2016-11-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-12T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "94085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mobiGate App for Android",
"version": {
"version_data": [
{
"version_value": "version 2.2.1.2 and earlier"
}
]
}
},
{
"product_name": "mobiGate App for iOS",
"version": {
"version_data": [
{
"version_value": "version 2.2.4.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Nihon Unisys, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7805",
"datePublished": "2017-06-09T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7805 (GCVE-0-2016-7805)
Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
VLAI
EPSS
VEX
Summary
The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity
No CVSS data available.
CWE
- Fails to verify SSL certificates
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/94085 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN27260483/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Nihon Unisys, Ltd. | mobiGate App for Android |
Affected:
version 2.2.1.2 and earlier
|
|
| Nihon Unisys, Ltd. | mobiGate App for iOS |
Affected:
version 2.2.4.1 and earlier
|
Date Public
2016-11-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94085",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mobiGate App for Android",
"vendor": "Nihon Unisys, Ltd.",
"versions": [
{
"status": "affected",
"version": "version 2.2.1.2 and earlier"
}
]
},
{
"product": "mobiGate App for iOS",
"vendor": "Nihon Unisys, Ltd.",
"versions": [
{
"status": "affected",
"version": "version 2.2.4.1 and earlier"
}
]
}
],
"datePublic": "2016-11-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Fails to verify SSL certificates",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-12T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "94085",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mobiGate App for Android",
"version": {
"version_data": [
{
"version_value": "version 2.2.1.2 and earlier"
}
]
}
},
{
"product_name": "mobiGate App for iOS",
"version": {
"version_data": [
{
"version_value": "version 2.2.4.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Nihon Unisys, Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to verify SSL certificates"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94085"
},
{
"name": "JVN#27260483",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN27260483/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7805",
"datePublished": "2017-06-09T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2016-000213
Vulnerability from jvndb - Published: 2016-11-01 13:47 - Updated:2018-01-17 12:18
Severity
Summary
mobiGate App fails to verify SSL server certificates
Details
mobiGate App provided by Nihon Unisys, Ltd. fails to verify SSL server certificates.
Gaku Taniguchi of RiskFinder,inc. reported this vulnerability to Nihon Unisys, Ltd., and Nihon Unisys, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Nihon Unisys, Ltd. coordinated under the Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000213.html",
"dc:date": "2018-01-17T12:18+09:00",
"dcterms:issued": "2016-11-01T13:47+09:00",
"dcterms:modified": "2018-01-17T12:18+09:00",
"description": "mobiGate App provided by Nihon Unisys, Ltd. fails to verify SSL server certificates.\r\n\r\nGaku Taniguchi of RiskFinder,inc. reported this vulnerability to Nihon Unisys, Ltd., and Nihon Unisys, Ltd. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Nihon Unisys, Ltd. coordinated under the Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000213.html",
"sec:cpe": {
"#text": "cpe:/a:unisys:mobigate",
"@product": "mobiGate",
"@vendor": "Nihon Unisys, Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000213",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN27260483/index.html",
"@id": "JVN#27260483",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7805",
"@id": "CVE-2016-7805",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7805",
"@id": "CVE-2016-7805",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "mobiGate App fails to verify SSL server certificates"
}