Описание
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
Ссылки
- Product
- Third Party Advisory
- Product
- Product
- Third Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 3.1.0 (исключая)Версия до 3.1.0 (исключая)
Одно из
cpe:2.3:a:ichiranusa:ichiran:*:*:*:*:*:android:*:*
cpe:2.3:a:ichiranusa:ichiran:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 36%
0.00149
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-295
CWE-295
Связанные уязвимости
CVSS3: 5.9
github
почти 3 года назад
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
EPSS
Процентиль: 36%
0.00149
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-295
CWE-295