Man-in-the-Middle Attack Vulnerability in Amazon Fire OS
CVE-2019-7399

7.4HIGH

Key Information:

Vendor: Amazon
Status: Fire Os
Vendor: CVE Published:; 17 February 2019

What is CVE-2019-7399?

A vulnerability in Amazon Fire OS prior to version 5.3.6.4 permits attackers to perform man-in-the-middle attacks on HTTP requests, specifically targeting the 'Terms of Use' and Privacy pages. This issue arises when sensitive information is transmitted over unencrypted connections, thereby allowing malicious actors to intercept or manipulate this data.

References

http://www.securityfocus.com/bid/107025

vdb-entryx_refsource_BID

https://wwws.nightwatchcybersecurity.com/2019/02/07/conte...

x_refsource_MISC

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2019
Vulnerability Reserved
Feb 4, 2019