Published: 2016/05/16 Last Updated: 2016/05/16

Information from Cybozu, Inc.

Vulnerability ID:JVN#11994518
Title:Cybozu KUNAI App fails to verify SSL server certificates
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

For more information about this vulnerability, please see our Japanese website.

<KUNAI for iPhone>

[CyVDB-1139]SSLサーバー証明書の検証不備の脆弱性
https://support.cybozu.com/ja-jp/article/9446

<KUNAI for Android>

[CyVDB-1139]SSLサーバー証明書の検証不備の脆弱性
https://support.cybozu.com/ja-jp/article/9495

update history

2016/05/16