Description


TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App.

Related CPE's


Could not find any relations

Weaknesses



CWE-419

CVSS impact metrics


CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

3.7 · Low

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2024-07-10T07:15:03.247

3 days ago

Last modified

2024-07-11T15:06:15.210

2 days ago