CVE-2017-2110
N/A
N/A
Summary
The Access CX App for Android prior to 2.0.0.1 and for iOS prior to 2.0.2 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| NISSAN SECURITIES CO., LTD. | Access CX App for Android | prior to Ver2.0.0.1 | affected |
| NISSAN SECURITIES CO., LTD. | Access CX App for iOS | prior to Ver2.0.2 | affected |
Weaknesses
- Fails to verify SSL certificates
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.