CVE-2016-1221

2017-04-2120:00:00

jpcert

www.cve.org

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.1%

JSON

Jetstar App for iOS before 3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References

jvn.jp/en/jp/JVN43529183/index.html

jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000067.html