Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-8942

Опубликовано: 15 мая 2017
Источник: nvd
CVSS3: 5.9
CVSS2: 4.3
EPSS Низкий

Описание

The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.3.9:*:*:*:*:*:*:*
cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.4.0:*:*:*:*:*:*:*
cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.4.1:*:*:*:*:*:*:*
cpe:2.3:a:yottamark_inc.:shopwell_-_healthy_diet_\&_grocery_food_scanner:5.4.2:*:*:*:*:*:*:*

EPSS

Процентиль: 32%
0.00121
Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

github логотип

GHSA-xm87-mj3j-9ppw

CVSS3: 5.9
github
больше 3 лет назад

The YottaMark ShopWell - Healthy Diet & Grocery Food Scanner app 5.3.7 through 5.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

EPSS

Процентиль: 32%
0.00121
Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-295