CVE-2015-6303

2015-09-2414:00:00

cisco

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and CSCut36844.

References

tools.cisco.com/security/center/viewAlert.x?alertId=41127