Misys FusionCapital Opics Plus does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate. <a href"http://cwe.mitre.org/data/definitions/295.html">CWE-295: Improper Certificate Validation</a>
Publication date: Wed, 20 Jul 2016 03:59:00 +0000