Atlassian HipChat for iOS CVE-2017-8058 TLS Certificate Validation Security Bypass Vulnerability



Atlassian HipChat for iOS is prone to a security-bypass vulnerability.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions.

Versions prior to Atlassian HipChat for iOS 3.16.2 are vulnerable.

Information

Bugtraq ID: 98318
Class: Design Error
CVE: CVE-2017-8058

Remote: Yes
Local: No
Published: May 05 2017 12:00AM
Updated: May 05 2017 12:00AM
Credit: The vendor reported the issue.
Vulnerable: Atlassian HipChat for iOS 0


Not Vulnerable: Atlassian HipChat for iOS 3.16.2


Exploit


An attacker can exploit this issue using readily available tools.


Related Posts

Comments