CVE-2012-5662

Name of the Vulnerable Software and Affected Versions x3270 versions prior to 3.3.12ga12

Description The issue allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate because it does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate.

Recommendations For versions prior to 3.3.12ga12, update to version 3.3.12ga12 or later to resolve the issue.