CVE-2015-2968

EPSS 0.2%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

31 Oct 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Affected products

LINE Corporation · LINE@ for Android LINE Corporation · LINE@ for iOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://official-blog.line.me/ja/archives/36495925.html https://jvn.jp/en/jp/JVN22546110/