PT-2023-18851 · Selfwealth · Selfwealth Ios Mobile App
L00Neyhacker
·
Published
2023-02-01
·
Updated
2023-02-08
·
CVE-2023-23131
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Selfwealth iOS mobile App version 3.3.1
Description
The issue concerns Insecure App Transport Security (ATS) Settings in the Selfwealth iOS mobile App. This means the app may not properly secure its communication, potentially allowing for interception or eavesdropping of sensitive data.
Recommendations
For Selfwealth iOS mobile App version 3.3.1, consider updating the app's transport security settings to ensure all communications are properly encrypted and secure. As a temporary workaround, restrict the use of the app on unsecured networks until a more secure version is available.
Exploit
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Selfwealth Ios Mobile App