2 matches found
CVE-2021-27768
The CVE-2021-27768 entry applies to HCL Verse for Android, where hostname verification and SSL certificate validation during server setup and login are broken. This enables a MITM attack via a proxy in transparent mode and an invalid hostname certificate, potentially exposing sensitive account in...
CVE-2021-27768 An SSL certificate host verification vulnerability affects HCL Verse for Android
Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...