Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to NTT DOCOMO, INC. - arrows

jvndb-2024-000123

Vulnerability from jvndb

Published

2024-11-29 15:30

Modified

2024-11-29 15:30

Severity ?

3.1 (Low) - cvssV3_0 - CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Summary

Multiple FCNT Android devices vulnerable to authentication bypass

Details

Multiple FCNT Android devices provide security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. The devices contain an authentication bypass vulnerability (CWE-306), where, under certain conditions, the setting pages may be accessed without authentication.

References

▼	Type	URL
	JVN	https://jvn.jp/en/jp/JVN43845108/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2024-53701
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	KDDI	arrows
	NTT DOCOMO, INC.	arrows
	NTT DOCOMO, INC.	arrows
	SoftBank	arrows

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000123.html",
  "dc:date": "2024-11-29T15:30+09:00",
  "dcterms:issued": "2024-11-29T15:30+09:00",
  "dcterms:modified": "2024-11-29T15:30+09:00",
  "description": "Multiple FCNT Android devices provide security features such as \"privacy mode\" where arbitrary applications can be set not to be displayed, etc.\r\nThe devices contain an authentication bypass vulnerability (CWE-306), where, under certain conditions, the setting pages may be accessed without authentication.",
  "link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000123.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:kddi:arrows",
      "@product": "arrows",
      "@vendor": "KDDI",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nttdocomo:arrows",
      "@product": "arrows",
      "@vendor": "NTT DOCOMO, INC.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:nttdocomo:arrows",
      "@product": "arrows",
      "@vendor": "NTT DOCOMO, INC.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:softbank:arrows",
      "@product": "arrows",
      "@vendor": "SoftBank",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "3.1",
    "@severity": "Low",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2024-000123",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN43845108/index.html",
      "@id": "JVN#43845108",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2024-53701",
      "@id": "CVE-2024-53701",
      "@source": "CVE"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Multiple FCNT Android devices vulnerable to authentication bypass"
}