Aoki Keiichi

**Name of the Vulnerable Software and Affected Versions** Rakuten card App for iOS versions 5.2.0 through 5.2.4 **Description** The issue allows remote attackers to execute man-in-the-middle attacks because the app does not verify SSL certificates. **Recommendations** For versions 5.2.0 through 5.2.4, update to a version that verifies SSL certificates to prevent man-in-the-middle attacks.

**Name of the Vulnerable Software and Affected Versions** niconico App for iOS versions prior to 6.38 **Description** The issue allows remote attackers to execute man-in-the-middle attacks because the app does not verify SSL certificates. **Recommendations** For versions prior to 6.38, update to version 6.38 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gurunavi App for iOS versions prior to 6.0.0 **Description** The issue allows remote attackers to perform man-in-the-middle attacks because it does not verify SSL certificates. **Recommendations** For versions prior to 6.0.0, update to version 6.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ANA App for Android versions 3.1.1 and earlier ANA App for iOS versions 3.3.6 and earlier **Description** The issue concerns the failure to verify SSL certificates. This could potentially allow for man-in-the-middle attacks. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For ANA App for Android versions 3.1.1 and earlier, update to a version that verifies SSL certificates. For ANA App for iOS versions 3.3.6 and earlier, update to a version that verifies SSL certificates.