CVE-2015-0897

Summary

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Affected Software

VendorProductVersion RangeStatus
LINE CorporationLINE for Androidversion 5.0.2 and earlieraffected
LINE CorporationLINE for iOSversion 5.0.0 and earlieraffected

Weaknesses

  • Script injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References