PT-2023-22284 · Unknown · Jiyu Kukan Toku-Toku Coupon App

Ryo Nihonyanagi

Published

2023-06-13

Updated

2023-06-23

CVE-2023-29501

CVSS v3.1

4.8

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier

Description The issue is related to improper server certificate verification. If exploited, it may allow a man-in-the-middle attack, enabling an attacker to eavesdrop on encrypted communication.

Recommendations For Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, update to a version later than 3.5.0 to resolve the issue. For Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier, update to a version later than 3.5.0 to resolve the issue.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2023-29501

Affected Products

Jiyu Kukan Toku-Toku Coupon App

PT-2023-22284 · Unknown · Jiyu Kukan Toku-Toku Coupon App

CVE-2023-29501

Weakness Enumeration

Related Identifiers

Affected Products

References · 7