MEDIUM🇬🇧 English

CVE-2023-33757

CVSS 5.9v3.1pub. 2024-01-25upd. 2025-06-20

A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Splicecom Ipcs

    APP
    Splicecom
    1.3.4≤ 1.8.5
  • Splicecom Ipcs2

    APP
    Splicecom
    ≤ 2.8
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-33759CRITICAL9.8PL ✓ten sam vendor

Splicecom Maximiser Soft PBX — brak ograniczenia prób uwierzytelnienia (brute force)

CVE-2023-33758MEDIUM6.1ten sam vendor

Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerabil...

CVE-2023-33760MEDIUM5.3ten sam vendor

SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue c...