Vulnerabilities

CVE-2017-9968

by Fred · 12/02/2018

A security misconfiguration vulnerability exists in Schneider Electric’s IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.

Date published : 2018-02-12

http://www.securityfocus.com/bid/103048

https://www.schneider-electric.com/en/download/document/SEVD-2018-039-02/

Similar

Tags: Cybersecurity Alert