CVE-2014-2001 in JR East Japanالمعلومات

الملخص

بحسب MITRE

The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

17/02/2014

إفشاء

19/06/2014

الاعتدال

تمت الموافقة

إدخال

VDB-70100

CPE

جاهز

CWE

CWE-310 (مؤكد)

CVSS

6.5 (VulDB)

EPSS

0.00152

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-2001
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2001
CVE Details	https://www.cvedetails.com/cve/CVE-2014-2001/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!