CVE-2014-6823 - CERT CVE
ID CVE-2014-6823
Sažetak The kuailecaidengmi (aka com.licai.kuailecaidengmi) application 1.7.12.15 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Reference
CVSS
Base: 5.4
Impact: 6.4
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 14-11-2014 - 14:01
Objavljeno 30-09-2014 - 10:55