JVN#21114208: Business LaLa Call App for Android fails to verify SSL server certificates

2017-02-03T00:00:00
ID JVN:21114208
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-02-03T00:00:00

Description

## Description

Business LaLa Call App for Android provided by K-Opticom Corporation fails to verify SSL server certificates.

## Impact

A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.

## Solution

Update the Application
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Business LaLa Call App for Android ver1.4.7 and earlier