Refine your search
2 vulnerabilities found for ANA by ALL NIPPON AIRWAYS CO., LTD
jvndb-2018-000065
Vulnerability from jvndb
Published
2018-06-15 14:40
Modified
2019-12-27 18:08
Severity ?
Summary
ANA App for iOS fails to verify SSL server certificates
Details
ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates (CWE-295).
Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000065.html",
"dc:date": "2019-12-27T18:08+09:00",
"dcterms:issued": "2018-06-15T14:40+09:00",
"dcterms:modified": "2019-12-27T18:08+09:00",
"description": "ANA App for iOS provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates (CWE-295).\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000065.html",
"sec:cpe": {
"#text": "cpe:/a:ana:all_nippon_airways",
"@product": "ANA",
"@vendor": "ALL NIPPON AIRWAYS CO., LTD",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000065",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN71535108/index.html",
"@id": "JVN#71535108",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0611",
"@id": "CVE-2018-0611",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0611",
"@id": "CVE-2018-0611",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "ANA App for iOS fails to verify SSL server certificates"
}
jvndb-2015-000164
Vulnerability from jvndb
Published
2015-10-28 14:50
Modified
2018-03-07 13:50
Summary
ANA App fails to verify SSL server certificates
Details
ANA App provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates.
AOKI Keiichi reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000164.html",
"dc:date": "2018-03-07T13:50+09:00",
"dcterms:issued": "2015-10-28T14:50+09:00",
"dcterms:modified": "2018-03-07T13:50+09:00",
"description": "ANA App provided by ALL NIPPON AIRWAYS CO., LTD fails to verify SSL server certificates.\r\n\r\nAOKI Keiichi reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000164.html",
"sec:cpe": {
"#text": "cpe:/a:ana:all_nippon_airways",
"@product": "ANA",
"@vendor": "ALL NIPPON AIRWAYS CO., LTD",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2015-000164",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN25086409/index.html",
"@id": "JVN#25086409",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5666",
"@id": "CVE-2015-5666",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2015-5666",
"@id": "CVE-2015-5666",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "ANA App fails to verify SSL server certificates"
}