The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| banconeon | neon | 1.6.14 |