CVE-2016-2268
6.8
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
Exploitability: 2.2 / Impact: 4.0
Source: NVD
Description
Dell SecureWorks app before 2.1 for iOS does not validate SSL certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected (1)
Products: Dell: Secureworks
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.0.6 |
Related CWEs
References (10)
http://packetstormsecurity.com/files/135617/Dell-SecureWorks-iOS-Certificate-Validation-Failure.html
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
http://packetstormsecurity.com/files/135617/Dell-SecureWorks-iOS-Certificate-Validation-Failure.html
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Timeline
No history available yet.