CVE-2017-3190
N/A
N/A
Summary
Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Flash Seats | Flash Seats Mobile App | Android version 1.7.9 and earlier | affected |
| Flash Seats | Flash Seats Mobile App | iOS version 1.9.51 and earlier | affected |
Weaknesses
- CWE-295: CWE-295: Improper Certificate Validation
ADP Enrichment
CVE Program Container
Additional References
- https://www.wilderssecurity.com/threads/flash-seats-mobile-app-for-ios-fails-to-validate-ssl-certificates.392553/
- https://www.kb.cert.org/vuls/id/247016
- http://www.securityfocus.com/bid/96719
References
- https://www.wilderssecurity.com/threads/flash-seats-mobile-app-for-ios-fails-to-validate-ssl-certificates.392553/
- https://www.kb.cert.org/vuls/id/247016
- http://www.securityfocus.com/bid/96719
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.