CVE-2017-3190

Summary

Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.

Affected Software

VendorProductVersion RangeStatus
Flash SeatsFlash Seats Mobile AppAndroid version 1.7.9 and earlieraffected
Flash SeatsFlash Seats Mobile AppiOS version 1.9.51 and earlieraffected

Weaknesses

  • CWE-295: CWE-295: Improper Certificate Validation

ADP Enrichment

CVE Program Container

Additional References

References