Vulnerability: Non-SSL/TLS Communications in LINE@ for Android and iOS

Vulnerability: Non-SSL/TLS Communications in LINE@ for Android and iOS

CVE-2015-2968 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

LINE@ for Android version 1.0.0 and LINE@ for iOS version 1.0.0 are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.

Learn more about our Cis Benchmark Audit For Apple Ios.