CVE-2017-14582

The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a self-signed certificate.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:site24x7_mobile_network_poller:*:*:*:*:*:android:*:*

Information

Published : 2017-09-29 18:29

Updated : 2017-10-10 11:15


NVD link : CVE-2017-14582

Mitre link : CVE-2017-14582


JSON object : View

CWE
CWE-295

Improper Certificate Validation

Advertisement

dedicated server usa

Products Affected

zohocorp

  • site24x7_mobile_network_poller