The CVSS Calculator can be used Freely via our vDNA API. For more informations, check here
Description : Vulnerability Note VU#767208ThreatMetrix SDK for iOS fails to validate SSL certificatesOriginal Release date: 10 Jan 2017 | Last revised: 11 Jan 2017OverviewOn the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack.DescriptionThreatMetrix is a security... Read more ...
Vector Brief
FULL CVSS v2 VECTOR | |
---|---|
(AV:A/AC:M/Au:N/C:P/I:P/A:N/E:ND/RL:ND/RC:ND/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND) | |
BASE METRICS (* Required) | |
Access Vector : Adjacent network * Access Complexity : Medium * Authentication : None Required * | Confidentiality : Partial * Integrity : Partial * Availability : None * |
ENVIRONMENTAL METRICS | |
Confidentiality Requirement : Not Defined Integrity Requirement : Not Defined Availability Requirement : Not Defined | Collateral Damage Potential : Not Defined Target Distribution : Not Defined |
TEMPORAL METRICS | |
Exploitability : Not Defined Remediation Level : Not Defined Report Confidence : Not Defined |