CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-5648
https://notcve.org/view.php?id=CVE-2016-5648
Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. La aplicación de Acer Portal anterior a 3.9.4.2000 para Android no valida correctamente los certificados SSL, lo que permite a los atacantes remotos realizar un ataque Man-in-the-middle mediante un certificado SSL manipulado. • http://packetstormsecurity.com/files/137775/Acer-Portal-Android-Application-3.9.3.2006-Man-In-The-Middle.html http://seclists.org/fulldisclosure/2016/Jul/17 http://www.securityfocus.com/archive/1/538851/100/0/threaded https://www.kb.cert.org/vuls/id/690343 • CWE-295: Improper Certificate Validation •