Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2015-3996
HistoryOct 27, 2015 - 4:00 p.m.

CVE-2015-3996

2015-10-2716:00:00
mitre
www.cve.org
3

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

41.5%

JSON

The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework before 2.5.3, as used in the ownCloud iOS Library, disables verification of a server hostname against the domain name in the subject’s Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Related

veracode 1
nvd 1
cve 1
prion 1
owncloud 3
veracode
veracode
Spoofing SSL Servers Via An Arbitrary Valid Certificate.
2017-02-02 08:25:44
nvd
nvd
CVE-2015-3996
2015-10-27 16:59:00
cve
cve
CVE-2015-3996
2015-10-27 16:59:00
prion
prion
Default configuration
2015-10-27 16:59:00
owncloud
owncloud
Improper validation of certificates within the iOS application
2015-08-31 00:00:00
Improper validation of certificates within the iOS application - ownCloud
2015-08-31 11:45:37
Mobile App: Improper validation of certificates within the iOS application
2015-08-03 14:56:11

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

41.5%

JSON
Related for CVELIST:CVE-2015-3996
veracode1nvd1cve1prion1owncloud3