Insecure Certificate Verification in SNKRDUNK Market Place App for iOS

Insecure Certificate Verification in SNKRDUNK Market Place App for iOS

CVE-2021-20833 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate.

Learn more about our Cis Benchmark Audit For Apple Ios.