PT-2019-18581 · Amazon · Amazon Fire Os
Yakov Shafranovich
·
Published
2019-02-17
·
Updated
2020-08-24
·
CVE-2019-7399
CVSS v3.1
7.4
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Amazon Fire OS versions prior to 5.3.6.4
Description
The issue allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
Recommendations
For Amazon Fire OS versions prior to 5.3.6.4, update to version 5.3.6.4 or later to resolve the issue.
Exploit
Fix
Origin Validation Error
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amazon Fire Os