CVE-2017-3190

high

Description

Flash Seats Mobile App for Android version 1.7.9 and earlier and for iOS version 1.9.51 and earlier fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.

References

Advisories

https://www.wilderssecurity.com/threads/flash-seats-mobile-app-for-ios-fails-to-validate-ssl-certificates.392553/

https://www.kb.cert.org/vuls/id/247016

http://www.securityfocus.com/bid/96719

Details

Source: Mitre, NVD

Published: 2017-12-16

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 2.9

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00102

Detections

Analytics