CVE-2014-7745 - CERT CVE
ID CVE-2014-7745
Sažetak The Flight Manager (aka com.flightmanager.view) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Reference
CVSS
Base: 5.4
Impact: 6.4
Exploitability:5.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:A/AC:M/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 14-11-2014 - 14:17
Objavljeno 21-10-2014 - 10:55