A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.
References
Link | Resource |
---|---|
https://github.com/twignet/splicecom | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
31 Jan 2024, 20:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:splicecom:ipcs:*:*:*:*:*:android:*:* cpe:2.3:a:splicecom:ipcs2:*:*:*:*:*:iphone_os:*:* cpe:2.3:a:splicecom:ipcs:1.3.4:*:*:*:*:iphone_os:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
CWE | CWE-295 | |
References | () https://github.com/twignet/splicecom - Exploit, Third Party Advisory |
25 Jan 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-25 08:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-33757
Mitre link : CVE-2023-33757
CVE.ORG link : CVE-2023-33757
JSON object : View
Products Affected
splicecom
- ipcs2
- ipcs
CWE
CWE-295
Improper Certificate Validation