Vulnerabilities > Improper Certificate Validation
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-05 | CVE-2017-5907 | Improper Certificate Validation vulnerability in Great Southern Bank Great Southern Mobile Banking 3.0.1 The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5906 | Improper Certificate Validation vulnerability in Everyday Health INC Diabetes in Check: Blood Glucose & Carb Tracker 3.4.2 The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5905 | Improper Certificate Validation vulnerability in Dollar Bank Dollar Bank Mobile 2.6.3 The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5902 | Improper Certificate Validation vulnerability in Payquicker Mypayquicker 1.0.0 The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-5901 | Improper Certificate Validation vulnerability in State Bank of India State Bank Anywhere 5.1.0 The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-3213 | Improper Certificate Validation vulnerability in Think Mutual Bank Think Mutual Bank Mobile Banking APP 3.1.5 The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-05 | CVE-2017-3212 | Improper Certificate Validation vulnerability in Sccu Space Coast Credit Union The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-05-02 | CVE-2016-4467 | Improper Certificate Validation vulnerability in Apache Qpid Proton The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChannel-based security layer, which allows man-in-the-middle attackers to spoof servers via an arbitrary valid certificate. | 5.9 |
| 2017-04-28 | CVE-2017-2110 | Improper Certificate Validation vulnerability in Nissan Securities Access CX The Access CX App for Android prior to 2.0.0.1 and for iOS prior to 2.0.2 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
| 2017-04-28 | CVE-2016-7815 | Improper Certificate Validation vulnerability in Cybozu Remote Service Manager Remote Service Manager 3.0.0 to 3.1.4 fails to verify client certificates, which may allow remote attackers to gain access to systems on the network. | 4.2 |