CVE-2017-2387
The CVE covers Apple Music for Android (com.apple.android.music) prior to version 2.0, where the app does not verify X.509 SSL certificates, enabling potential MITM attackers to spoof servers and obtain sensitive information via a crafted certificate. The issue is tied to certificate validation i...