CVE-2017-2278

The RBB SPEED TEST App for Android version 2.0.3 and earlier, RBB SPEED TEST App for iOS version 2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
iidrbb_speed_test
-
iidrbb_speed_test
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.iid.co.jp/information/170714.html
https://jvn.jp/en/jp/JVN24238648/index.html
http://www.iid.co.jp/information/170714.html
https://jvn.jp/en/jp/JVN24238648/index.html