CVE-2023-29501

Published: Jun 13, 2023

Modified: Jan 3, 2025

PUBLISHED

Description

Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.

Vendor	Product	Versions
RUNSYSTEM CO.,LTD.	Jiyu Kukan Toku-Toku coupon App for iOS, and Jiyu Kukan Toku-Toku coupon App for Android	affected `Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier`

References

https://www.runsystem.co.jp/g1-pr/17570

https://apps.apple.com/jp/app/%E8%87%AA%E9%81%8A%E7%A9%BA%E9%96%93%E3%81%A8%E3%81%8F%E3%81%A8%E3%81%8F%E3%82%AF%E3%83%BC%E3%83%9D%E3%83%B3/id608149604

https://play.google.com/store/apps/details?id=jp.runsystem

https://jvn.jp/en/jp/JVN33836375/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-29501

Description

Affected Products

References