CVE-2017-9573

2017-06-16T12:29:00
ID CVE-2017-9573
Type cve
Reporter cve@mitre.org
Modified 2017-06-26T18:22:00

Description

The North Adams State Bank (Ursa) nasb-mobile-banking/id980573797 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.