Space Coast Credit Union · Space Coast Credit Union Mobile App · CVE-2017-3212
**Name of the Vulnerable Software and Affected Versions**
Space Coast Credit Union Mobile app version 2.2 for iOS
Space Coast Credit Union Mobile app version 2.1.0.1104 for Android
**Description**
The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, as the app does not verify X.509 certificates from SSL servers.
**Recommendations**
For version 2.2 on iOS, update the app to a version that properly verifies X.509 certificates.
For version 2.1.0.1104 on Android, update the app to a version that properly verifies X.509 certificates.