cpe:/a:dot_it:banque_zitouna:2.1::~~~iphone_os~~ CVE-2017-5914 2017-05-05T03:29:00.700-04:00 2017-05-16T14:42:46.140-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2017-05-16T14:24:41.627-04:00 MISC https://medium.com/@chronic_9612/follow-up-76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-64185035029f The DOT IT Banque Zitouna app 2.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.