2 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6846, CVE-2014-6847. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-6846 and CVE-2014-6847 to determine which ID is appropriate. All reference...
CVE-2014-6846
CVE-2014-6846 concerns the Android app “The Four Seasons Beverly Hills” (com.intelitycorp.FourSeasons.android.ice, package @7F050007). The vulnerability is that the app does not verify X.509 certificates from SSL servers, enabling an attacker in a man‑in‑the‑middle position to spoof servers and o...