Описание
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.5.16 (исключая)
cpe:2.3:a:dena:mobaoku-auction_\&_flea_market:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 30%
0.00111
Низкий
3.7 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
CVSS3: 3.7
github
больше 3 лет назад
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
EPSS
Процентиль: 30%
0.00111
Низкий
3.7 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-295