PT-2017-8537 · Sushiro · Sushiro App For Ios+1
Yuta Teshima
·
Publicado
2017-04-21
·
Atualizado
2021-04-01
·
CVE-2016-4830
CVSS v3.1
5.9
Média
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Sushiro App for iOS versions 2.1.16 and earlier
Sushiro App for Android versions 2.1.16.1 and earlier
Description
The issue is related to the failure of the Sushiro App to verify SSL certificates. This could potentially allow for man-in-the-middle attacks.
Recommendations
For Sushiro App for iOS versions 2.1.16 and earlier, update to a version that properly verifies SSL certificates.
For Sushiro App for Android versions 2.1.16.1 and earlier, update to a version that properly verifies SSL certificates.
Correção
Improper Certificate Validation
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sushiro App For Android
Sushiro App For Ios