What the vulnerability does

01Description

Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.

Key dates

02Disclosure timeline

December 15, 2017 CVE published
August 5, 2024 Record updated