← Back to CVEs
CVE-2017-3190
N/ADescription
Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.
CVE Details
CVSS v3.1 ScoreN/A
Published12/16/2017
Last Modified4/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
axs:flash_seats
Weaknesses (CWE)
CWE-295CWE-295
References
http://www.securityfocus.com/bid/96719(cret@cert.org)
https://www.kb.cert.org/vuls/id/247016(cret@cert.org)
https://www.wilderssecurity.com/threads/flash-seats-mobile-app-for-ios-fails-to-validate-ssl-certificates.392553/(cret@cert.org)
http://www.securityfocus.com/bid/96719(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/247016(af854a3a-2127-422b-91ae-364da2661108)
https://www.wilderssecurity.com/threads/flash-seats-mobile-app-for-ios-fails-to-validate-ssl-certificates.392553/(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.