CVE-2015-6303

Currently unrated

Key Information:

Vendor
Cisco
Status
Vendor
CVE Published:
24 September 2015

Summary

The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and CSCut36844.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.