CVE-2017-8058

CVE Database · CVE-2017-8058

CVE-2017-8058

· N/AModified

CVSS v3.1

N/A

EPSS

0.58%

Published

May 5, 2017

Modified

May 12, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.

Weaknesses (CWE)

CWE-295

Affected Products (1)

atlassian · hipchatvulnerable

References (4)

http://www.securityfocus.com/bid/98318

Third Party AdvisoryVDB Entry

https://medium.com/%40chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f

http://www.securityfocus.com/bid/98318

Third Party AdvisoryVDB Entry

https://medium.com/%40chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f

KEV Catalog EPSS Scores Vendors All CVEs