HIGH 7.4
CVE-2015-2988
Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.
CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| rakutencard | rakuten_card | iOS | — | cpe:2.3:a:rakutencard:rakuten_card:5.2.0:*:*:*:*:iphone_os:*:* |
| rakutencard | rakuten_card | iOS | — | cpe:2.3:a:rakutencard:rakuten_card:5.2.1:*:*:*:*:iphone_os:*:* |
| rakutencard | rakuten_card | iOS | — | cpe:2.3:a:rakutencard:rakuten_card:5.2.2:*:*:*:*:iphone_os:*:* |
| rakutencard | rakuten_card | iOS | — | cpe:2.3:a:rakutencard:rakuten_card:5.2.3:*:*:*:*:iphone_os:*:* |
| rakutencard | rakuten_card | iOS | — | cpe:2.3:a:rakutencard:rakuten_card:5.2.4:*:*:*:*:iphone_os:*:* |