CVE-2014-7428 - CERT CVE
ID CVE-2014-7428
Sažetak The 7725.com Three Kingdoms (aka com.platform7725.youai.jiejian) application 2.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Reference
CVSS
Base: 5.4
Impact: 6.4
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 14-11-2014 - 14:11
Objavljeno 19-10-2014 - 10:55