4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
56.9%
Android OS contains a vulnerability where a SSL certificate from an outside site is displayed when a user attempts to display a SSL certificate from a site that reads in contents from an outside site.
An attacker may trick the user into believing the site being visited is safe, which may lead to phishing attacks.
For Mobile Device Developers
Apply the update according to the information provided by Google.
For Mobile Device Users
For more information, please refer to the βVendor Statusβ below.
This issue has been resolved in Android OS 2.2.