Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2017-14582
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-30 Sep, 2017 | 01:29
Updated At-20 Apr, 2025 | 01:37

The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a self-signed certificate.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.9MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
CPE Matches
Zoho Corporation Pvt. Ltd.
zohocorp
>>site24x7_mobile_network_poller>>Versions up to 1.1.4(inclusive)
cpe:2.3:a:zohocorp:site24x7_mobile_network_poller:*:*:*:*:*:android:*:*
Weaknesses
CWE IDTypeSource
CWE-295Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/101091cve@mitre.org
Third Party Advisory
VDB Entry
https://wwws.nightwatchcybersecurity.com/2017/09/27/zoho-site24x7-mobile-network-poller-for-android-didnt-properly-validate-ssl-cve-2017-14582/cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/101091af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://wwws.nightwatchcybersecurity.com/2017/09/27/zoho-site24x7-mobile-network-poller-for-android-didnt-properly-validate-ssl-cve-2017-14582/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Change History
0Changes found
Details not found