CVE-2016-4811 Information

Description

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Reference

http://jvn.jp/en/jp/JVN46888319/278948/index.html http://jvn.jp/en/jp/JVN46888319/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000076 https://itunes.apple.com/app/japan-connected-free-wi-fi/id810838196 https://play.google.com/store/apps/details?id=com.nttbp.jfw

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

LOW

Base Severity

5.6