CVE-2019-5954

Sažetak

JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors.

Reference

http://jvn.jp/en/jp/JVN01119243/index.html
https://www.jreast.co.jp/press/2018/20190310.pdf

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

17-05-2019 - 16:29