Описание
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allow man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.4 (включая)Версия до 2.4 (включая)
Одно из
cpe:2.3:a:citrix:sharefile_mobile:*:*:*:*:*:android:*:*
cpe:2.3:a:citrix:sharefile_mobile_for_tablets:*:*:*:*:*:android:*:*
EPSS
Процентиль: 42%
0.00199
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X.509 certificates from SSL servers, which allow man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
EPSS
Процентиль: 42%
0.00199
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-310