Vulnerabilities > CVE-2015-0897 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Line 5.0.0/5.0.2

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
high complexity
line
CWE-924

Summary

LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Vulnerable Configurations

Part Description Count
Application
Line
3