{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T16:49:40.440","vulnerabilities":[{"cve":{"id":"CVE-2019-5954","sourceIdentifier":"vultures@jpcert.or.jp","published":"2019-05-17T16:29:05.453","lastModified":"2024-11-21T04:45:48.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JR East Japan train operation information push notification App for Android version 1.2.4 and earlier allows remote attackers to bypass access restriction to obtain or alter the user's registered information via unspecified vectors."},{"lang":"es","value":"La aplicación de notificación de inserción de información de operación del tren de JR East Japan para Android versión 1.2.4 y anterior permite a los atacantes remotos eludir la restricción de acceso para obtener o alterar la información registrada del usuario a través de vectores no especificados"}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jreast:jr_east_japan:*:*:*:*:*:android:*:*","versionEndIncluding":"1.2.4","matchCriteriaId":"7BE74A80-4766-4476-96B6-D4DABBC24A35"}]}]}],"references":[{"url":"http://jvn.jp/en/jp/JVN01119243/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://www.jreast.co.jp/press/2018/20190310.pdf","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"http://jvn.jp/en/jp/JVN01119243/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.jreast.co.jp/press/2018/20190310.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}