Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.
Max CVSS
4.6
EPSS Score
0.07%
Published
2020-05-29
Updated
2020-05-29
The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Max CVSS
5.9
EPSS Score
0.08%
Published
2017-06-09
Updated
2017-06-21
Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.
Max CVSS
5.9
EPSS Score
0.25%
Published
2017-04-21
Updated
2017-04-26
The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.
Max CVSS
2.6
EPSS Score
0.10%
Published
2016-04-25
Updated
2017-03-15
4 vulnerabilities found