VYPR

Kintone

by Cybozu

CVEs (3)

  • CVE-2016-7816MedJun 9, 2017
    risk 0.38cvss 5.9epss 0.01

    The Cybozu kintone mobile for Android 1.0.6 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2016-1186MedApr 21, 2017
    risk 0.38cvss 5.9epss 0.01

    Kintone mobile for Android 1.0.0 through 1.0.5 does not verify SSL server certificates.

  • CVE-2016-1185LowApr 25, 2016
    risk 0.16cvss 2.5epss 0.01

    The Cybozu kintone mobile application 1.x before 1.0.6 for Android allows attackers to discover an authentication token via a crafted application.