Vulnerabilities > CVE-2015-2968 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Line Line@ 1.0.0

CVSS 5.9 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

high complexity

line

CWE-924

NVD

Published: 2023-10-31

Updated: 2023-11-08

Summary

LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Vulnerable Configurations

Part	Description	Count
Application	Line Line Line@ 1.0.0	2

Common Weakness Enumeration (CWE)

CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

https://jvn.jp/en/jp/JVN22546110/
http://official-blog.line.me/ja/archives/36495925.html