CVE-2017-2278

EUVD-2017-11461
The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
iidrbb_speed_test
-
iidrbb_speed_test
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.iid.co.jp/information/170714.html
https://jvn.jp/en/jp/JVN24238648/index.html
http://www.iid.co.jp/information/170714.html
https://jvn.jp/en/jp/JVN24238648/index.html