JVN#82619692: Access CX App fails to verify SSL server certificates

ID JVN:82619692
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-03-01T00:00:00


## Description

Access CX App provided by NISSAN SECURITIES CO., LTD. fails to verify SSL server certificates.

## Impact

A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.

## Solution

Update the Application
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Access CX App for Android prior to Ver2.0.0.1
  • Access CX App for iOS prior to Ver2.0.2