CVE-2021-20833

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.
References
Link Resource
https://jvn.jp/en/jp/JVN10168753/index.html Third Party Advisory
https://snkrdunk.com/information/37/ Mitigation Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:soda-inc:snkrdunk:*:*:*:*:*:iphone_os:*:*

Information

Published : 2021-10-13 09:15

Updated : 2021-10-19 02:04


NVD link : CVE-2021-20833

Mitre link : CVE-2021-20833

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation