Medium severity5.9NVD Advisory· Published Jun 9, 2017· Updated May 13, 2026

CVE-2016-7805

Description

The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected products

Unisys/Mobigate2 versions
cpe:2.3:a:unisys:mobigate:*:*:*:*:*:android:*:*+ 1 more
- cpe:2.3:a:unisys:mobigate:*:*:*:*:*:android:*:*range: <=2.2.1.2
- cpe:2.3:a:unisys:mobigate:*:*:*:*:*:iphone_os:*:*range: <=2.2.4.1
Nihon Unisys, Ltd./Mobigate App For Androidv5
Range: version 2.2.1.2 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/94085nvdThird Party AdvisoryVDB Entry
jvn.jp/en/jp/JVN27260483/index.htmlnvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000