CVE-2016-4811

Published on: 06/19/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:58 PM UTC

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Certain versions of Japan Connected-free Wi-fi from Ntt-bp contain the following vulnerability:

The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.15.1 and earlier for Android and 1.13.0 and earlier for iOS allows man-in-the-middle attackers to obtain API access via unspecified vectors.

  • CVE-2016-4811 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.6 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK HIGH NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED LOW LOW LOW

CVSS2 Score: 5.1 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK HIGH NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Japan Vulnerability Notes/Information from NTT Broadband Platform, Inc. Vendor Advisory
jvn.jp
text/html
URL Logo CONFIRM jvn.jp/en/jp/JVN46888319/278948/index.html
No Description Provided Vendor Advisory
jvndb.jvn.jp
text/html
URL Logo JVNDB JVNDB-2016-000076
JVN#46888319: Japan Connected-free Wi-Fi vulnerable to API execution Vendor Advisory
jvn.jp
text/xml
URL Logo JVN JVN#46888319
Japan Connected-free Wi-Fi - Android Apps on Google Play play.google.com
text/html
URL Logo CONFIRM play.google.com/store/apps/details?id=com.nttbp.jfw
‎Japan Connected-free Wi-Fi on the App Store itunes.apple.com
text/html
URL Logo CONFIRM itunes.apple.com/app/japan-connected-free-wi-fi/id810838196

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationNtt-bpJapan Connected-free Wi-fi1.13.0AllAllAll
ApplicationNtt-bpJapan Connected-free Wi-fi1.15.1AllAllAll
ApplicationNtt-bpJapan Connected-free Wi-fi1.13.0AllAllAll
ApplicationNtt-bpJapan Connected-free Wi-fi1.15.1AllAllAll
  • cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.13.0:*:*:*:*:iphone_os:*:*:
  • cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.15.1:*:*:*:*:android:*:*:
  • cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.13.0:*:*:*:*:iphone_os:*:*:
  • cpe:2.3:a:ntt-bp:japan_connected-free_wi-fi:1.15.1:*:*:*:*:android:*:*: