CVE-2014-2001 in JR East Japaninformação

Sumário

de MITRE

The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information via a crafted certificate.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

17/02/2014

Divulgação

19/06/2014

Moderação

aceite

Entrada

VDB-70100

CPE

pronto

CWE

CWE-310 (confirmado)

CVSS

6.5 (VulDB)

EPSS

0.00152

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-2001
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2001
CVE Details	https://www.cvedetails.com/cve/CVE-2014-2001/

◂ Voltar Visão Geral Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!