Remote Log Information Exposure in Cybozu KUNAI for Android
CVE-2017-2109

2.5LOW

Key Information:

Vendor

Cybozu
Status
Cybozu Kunai For Android
Vendor
CVE Published:
28 April 2017

What is CVE-2017-2109?

Cybozu KUNAI for Android versions 3.0.4 to 3.0.5.1 contain a vulnerability that allows remote attackers to gain access to sensitive log information through specially crafted malicious Android applications. This can lead to unauthorized information disclosure, making it critical for users of these versions to update and address this issue promptly.

Affected Version(s)

Cybozu KUNAI for Android 3.0.4 to 3.0.5.1

References

http://www.securityfocus.com/bid/96844
vdb-entryx_refsource_BID
https://support.cybozu.com/ja-jp/article/9836
x_refsource_MISC
http://jvn.jp/en/jp/JVN88745657/index.html
third-party-advisoryx_refsource_JVN

CVSS V3.1

Score:
2.5
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.