CVE-2017-3213
N/A
N/A
Summary
The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Think Mutual Bank Mobile Banking | Think Mutual Bank Mobile Banking | affected |
Weaknesses
- lack of X.509 certificate validation
ADP Enrichment
CVE Program Container
Additional References
- https://medium.com/%40chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f
- http://www.securityfocus.com/bid/98308
- http://www.kb.cert.org/vuls/id/276408
References
- https://medium.com/%40chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f
- http://www.securityfocus.com/bid/98308
- http://www.kb.cert.org/vuls/id/276408
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.