Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
[
{
"vendor": "Betrend Corporation and ICHIRAN INC.",
"product": "Ichiran App for iOS and Ichiran App for Android",
"versions": [
{
"version": "Ichiran App for iOS versions prior to 3.1.0, and Ichiran App for Android versions prior to 3.1.0",
"status": "affected"
}
]
}
]