CVE-2015-6303
CVE-2015-6303 concerns the Cisco Spark mobile app (2015-07-04 build) where SSL/TLS certificate validation is flawed. The root cause is improper verification of X.509 certificates from SSL servers, enabling a man-in-the-middle attacker to spoof servers and access sensitive information via a crafte...