CVE-2016-7805

Summary

The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected Software

VendorProductVersion RangeStatus
Nihon Unisys, Ltd.mobiGate App for Androidversion 2.2.1.2 and earlieraffected
Nihon Unisys, Ltd.mobiGate App for iOSversion 2.2.4.1 and earlieraffected

Weaknesses

  • Fails to verify SSL certificates

ADP Enrichment

CVE Program Container

Additional References

References