Vulnerability Details CVE-2019-6024
Rakuma App for Android version 7.15.0 and earlier, and for iOS version 7.16.4 and earlier allows an attacker to bypass authentication and obtain the user's authentication information via a malicious application created by the third party.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.5%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- http://jvn.jp/en/jp/JVN41566067/index.html
- https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998
- https://play.google.com/store/apps/details?id=jp.co.fablic.fril&hl=en
- http://jvn.jp/en/jp/JVN41566067/index.html
- https://apps.apple.com/jp/app/furimaapuri-furiru-fril-fasshon/id523497998
- https://play.google.com/store/apps/details?id=jp.co.fablic.fril&hl=en
Products affected by CVE-2019-6024
-
cpe:2.3:a:rakuten:rakuma:-
-
cpe:2.3:a:rakuten:rakuma:7.10.0
-
cpe:2.3:a:rakuten:rakuma:7.10.1
-
cpe:2.3:a:rakuten:rakuma:7.11.0
-
cpe:2.3:a:rakuten:rakuma:7.12.0
-
cpe:2.3:a:rakuten:rakuma:7.12.1
-
cpe:2.3:a:rakuten:rakuma:7.12.2
-
cpe:2.3:a:rakuten:rakuma:7.13.0
-
cpe:2.3:a:rakuten:rakuma:7.13.1
-
cpe:2.3:a:rakuten:rakuma:7.14.0
-
cpe:2.3:a:rakuten:rakuma:7.15.0
-
cpe:2.3:a:rakuten:rakuma:7.15.1
-
cpe:2.3:a:rakuten:rakuma:7.16.1
-
cpe:2.3:a:rakuten:rakuma:7.16.2
-
cpe:2.3:a:rakuten:rakuma:7.16.4
-
cpe:2.3:a:rakuten:rakuma:7.6.1
-
cpe:2.3:a:rakuten:rakuma:7.7.0
-
cpe:2.3:a:rakuten:rakuma:7.8.0
-
cpe:2.3:a:rakuten:rakuma:7.9.0