CVE-2018-16179

The Mizuho Direct App for Android version 3.13.0 and earlier does not verify server certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
Configurations

Configuration 1

cpe:2.3:a:mizuhobank:mizuho_direct_application:*:*:*:*:*:android:*:*

Information

Published : 2019-01-09 11:29

Updated : 2019-01-17 08:11


NVD link : CVE-2018-16179

Mitre link : CVE-2018-16179

Products Affected
No products.
CWE
CWE-295

Improper Certificate Validation