exploitDog

GHSA-9jc3-jwwp-h9mw

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2) does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate.

The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2) does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate.

Ссылки

EPSS

Процентиль: 32%

0.00126

Низкий

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2021-20732

CVSS3: 5.9

nvd

больше 4 лет назад

The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2) does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate.

EPSS

Процентиль: 32%

0.00126

Низкий

CVE ID

Дефекты

CWE-295