The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
Configurations
History
07 Nov 2023, 02:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
01 Jun 2021, 18:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:dotit-corp:banque_zitouna:2.1:*:*:*:*:iphone_os:*:* |
Information
Published : 2017-05-05 07:29
Updated : 2023-12-10 12:01
NVD link : CVE-2017-5914
Mitre link : CVE-2017-5914
CVE.ORG link : CVE-2017-5914
JSON object : View
Products Affected
dotit-corp
- banque_zitouna
CWE
CWE-295
Improper Certificate Validation