CVE-2014-7042 in My nTelosinformazioni

Riassunto

di MITRE

** DISPUTED ** The My nTelos (aka com.telespree.ntelospostpay) application 1.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: nTelos Wireless has indicated that this vulnerability report is incorrect.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Prenotare

19/09/2014

Divulgazione

16/10/2014

Moderazione

accettato

CPE

pronto

EPSS

0.00266

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!