5.0.2

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

high complexity

line

CWE-924

NVD

Published: 2023-10-31

Updated: 2023-11-08

Summary

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Vulnerable Configurations

Part	Description	Count
Application	Line Line Line - Line Line 5.0.2 Line Line 5.0.0	3

Common Weakness Enumeration (CWE)

CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

http://official-blog.line.me/ja/archives/24809761.html
https://jvn.jp/en/jp/JVN41281927/