CVE-2024-39886

July 10, 2024, 7:15 a.m.

None
No Score

Description

TONE store App version 3.4.2 and earlier contains an issue with unprotected primary channel. Since TONE store App communicates with TONE store website in cleartext, a man-in-the-middle attack may allow an attacker to obtain and/or alter communications of the affected App.

Product(s) Impacted

Product Versions
TONE store App
  • 3.4.2 and earlier

Weaknesses

References

https://jvn.jp/en/jp/JVN28515217/
https://tone.ne.jp/vulnerability/14492007.html

Tags

vultures@jpcert.or.jp
2024-07-10
CVE-2024-39886

Date

  • Published: July 10, 2024, 7:15 a.m.
  • Last Modified: July 10, 2024, 7:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

vultures@jpcert.or.jp

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.