Sign-up

ID

VAR-201308-0101


CVE

CVE-2013-3659


TITLE

docomo overseas usage application vulnerability in the connection process

Trust: 0.8

sources: JVNDB: JVNDB-2013-000075

DESCRIPTION

The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect to Wi-Fi access points, which allows remote attackers to obtain sensitive information by leveraging presence in an 802.11 network's coverage area. docomo overseas usage is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose potentially sensitive information through man-in-the-middle attacks. This may aid in further attacks. docomo overseas usage 2.0.0 through versions 2.0.4 are vulnerable

Trust: 1.89

sources: NVD: CVE-2013-3659 // JVNDB: JVNDB-2013-000075 // BID: 61830

IOT TAXONOMY

category:['network device']sub_category:access point

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor:nttdocomomodel:overseas usagescope:eqversion:2.0.4

Trust: 1.6

vendor:nttdocomomodel:overseas usagescope:eqversion:2.0.0

Trust: 1.6

vendor:ntt docomomodel:overseas usage applicationscope:eqversion:ver2.0.0 through ver2.0.4

Trust: 0.8

vendor:nttmodel:docomo inc docomo overseas usagescope:eqversion:2.0.4

Trust: 0.3

vendor:nttmodel:docomo inc docomo overseas usagescope:eqversion:2.0

Trust: 0.3

sources: BID: 61830 // JVNDB: JVNDB-2013-000075 // CNNVD: CNNVD-201308-134 // NVD: CVE-2013-3659

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-3659
value: LOW

Trust: 1.0

IPA: JVNDB-2013-000075
value: LOW

Trust: 0.8

CNNVD: CNNVD-201308-134
value: LOW

Trust: 0.6

nvd@nist.gov: CVE-2013-3659
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2013-000075
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2013-000075 // CNNVD: CNNVD-201308-134 // NVD: CVE-2013-3659

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.8

sources: JVNDB: JVNDB-2013-000075 // NVD: CVE-2013-3659

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201308-134

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201308-134

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-000075

PATCH
title:docomo overseas usage application - Google Playurl:https://play.google.com/store/apps/details?id=com.nttdocomo.android.gs.utility
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-000075

EXTERNAL IDS
db:NVDid:CVE-2013-3659
Trust: 2.8
db:JVNid:JVN44035194
Trust: 2.7
db:JVNDBid:JVNDB-2013-000075
Trust: 2.7
db:JVNid:JVN#44035194
Trust: 0.6
db:CNNVDid:CNNVD-201308-134
Trust: 0.6
db:BIDid:61830
Trust: 0.3
db:OTHERid:NONE
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            BID: 61830 // 
            
            
            
            JVNDB: JVNDB-2013-000075 // 
            
            
            
            CNNVD: CNNVD-201308-134 // 
            
            
            
            NVD: CVE-2013-3659

REFERENCES
url:https://play.google.com/store/apps/details?id=com.nttdocomo.android.gs.utility
Trust: 1.9
url:http://jvndb.jvn.jp/jvndb/jvndb-2013-000075
Trust: 1.6
url:http://jvn.jp/en/jp/jvn44035194/index.html
Trust: 1.6
url:http://jvn.jp/en/jp/jvn44035194/995312/index.html
Trust: 1.6
url:https://jvn.jp/en/jp/jvn44035194/
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/86361
Trust: 1.0
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3659
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3659
Trust: 0.8
url:http://jvndb.jvn.jp/en/contents/2013/jvndb-2013-000075.html
Trust: 0.3
url:https://ieeexplore.ieee.org/abstract/document/10769424
Trust: 0.1
sources:
            
            
            OTHER: None // 
            
            
            
            BID: 61830 // 
            
            
            
            JVNDB: JVNDB-2013-000075 // 
            
            
            
            CNNVD: CNNVD-201308-134 // 
            
            
            
            NVD: CVE-2013-3659

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 61830

SOURCES
db:OTHERid: - 
db:BIDid:61830
db:JVNDBid:JVNDB-2013-000075
db:CNNVDid:CNNVD-201308-134
db:NVDid:CVE-2013-3659

LAST UPDATE DATE
2025-04-11T22:15:43.547000+00:00

SOURCES UPDATE DATE
db:BIDid:61830date:2013-08-07T00:00:00
db:JVNDBid:JVNDB-2013-000075date:2013-08-14T00:00:00
db:CNNVDid:CNNVD-201308-134date:2013-08-28T00:00:00
db:NVDid:CVE-2013-3659date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:BIDid:61830date:2013-08-07T00:00:00
db:JVNDBid:JVNDB-2013-000075date:2013-08-07T00:00:00
db:CNNVDid:CNNVD-201308-134date:2013-08-23T00:00:00
db:NVDid:CVE-2013-3659date:2013-08-09T19:55:07.207