Vulnerabilities > Electronic Funds Source LLC > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-05-05 CVE-2017-5909 Improper Certificate Validation vulnerability in Electronic Funds Source LLC EFS Mobile Driver Source 2.5
The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
electronic-funds-source-llc CWE-295
5.9