First published: Fri Apr 28 2017(Updated: )
Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cybozu Kunai Browser For Remote Service | =3.0.4 | |
Cybozu Kunai Browser For Remote Service | =3.0.5 | |
Cybozu Kunai Browser For Remote Service | =3.0.5.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-2109 is classified as a medium severity vulnerability that allows remote attackers to obtain sensitive log information.
To fix CVE-2017-2109, update to Cybozu KUNAI version 3.0.5.2 or later to mitigate the vulnerability.
CVE-2017-2109 can expose user log information, potentially leading to unauthorized access or data leakage.
CVE-2017-2109 affects Cybozu KUNAI versions 3.0.4 to 3.0.5.1 on Android.
Yes, CVE-2017-2109 can be exploited through a malicious Android application requiring user installation.