Описание
Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:rakutencard:rakuten_card:5.2.0:*:*:*:*:iphone_os:*:*
cpe:2.3:a:rakutencard:rakuten_card:5.2.1:*:*:*:*:iphone_os:*:*
cpe:2.3:a:rakutencard:rakuten_card:5.2.2:*:*:*:*:iphone_os:*:*
cpe:2.3:a:rakutencard:rakuten_card:5.2.3:*:*:*:*:iphone_os:*:*
cpe:2.3:a:rakutencard:rakuten_card:5.2.4:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 71%
0.00664
Низкий
7.4 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 7.4
github
больше 3 лет назад
Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.
EPSS
Процентиль: 71%
0.00664
Низкий
7.4 High
CVSS3
4 Medium
CVSS2
Дефекты
CWE-295