Lucene search
Japan Vulnerability NotesJVN:17637243HistoryAug 29, 2014 - 12:00 a.m.
JVN#17637243: Kindle App for Android fails to verify SSL server certificates
2014-08-2900:00:00
Japan Vulnerability Notes
jvn.jp
14
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.001
Percentile
25.9%
Kindle App for Android fails to verify SSL server certificates.
Impact
A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Kindle App for Android versions prior to 4.5.0
Related
nvd
nvd
CVE-2014-3908
2014-08-30 09:55:05
cvelist
cvelist
CVE-2014-3908
2014-08-30 10:00:00
prion
prion
Information disclosure
2014-08-30 09:55:00
cve
cve
CVE-2014-3908
2014-08-30 10:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS
0.001
Percentile
25.9%
Related for JVN:17637243