CVE-2018-2460

https://notcve.org/view.php?id=CVE-2018-2460

SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows attacker to do MITM attack. La aplicación de Android SAP Business One 1.2 no verifica correctamente el certificado para la conexión HTTPS. Esto permite que los atacantes realicen ataques Man-in-the-Middle (MitM). • http://www.securityfocus.com/bid/105309 https://launchpad.support.sap.com/#/notes/2682503 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 • CWE-295: Improper Certificate Validation •