CVE-2014-6714
The CVE-2014-6714 entry concerns the WebMD Android app (com.webmd.android) version 3.5, which does not verify X.509 certificates from SSL servers. This allows a man-in-the-middle to spoof servers and read or alter sensitive data communicated over TLS. The NVD metrics show a CVSSv2 base score of 5...