First published: Sun Feb 17 2019(Updated: )
Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Amazon Fire OS | <5.3.6.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Amazon Fire OS vulnerability is CVE-2019-7399.
The severity of CVE-2019-7399 is high with a CVSS score of 7.4.
CVE-2019-7399 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages in Amazon Fire OS before 5.3.6.4.
To protect yourself from CVE-2019-7399, ensure that you update Amazon Fire OS to version 5.3.6.4 or later.
You can find more information about CVE-2019-7399 at the following references: [SecurityFocus](http://www.securityfocus.com/bid/107025) and [Nightwatch Cybersecurity](https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/).