CVE-2014-7431
The Breeze Jersey (com.sc.breezeje.banking) Android application 1.0 does not verify X.509 certificates from SSL servers, enabling man-in-the-middle attackers to spoof servers and exfiltrate sensitive information via a crafted certificate. This is supported by the CVE-2014-7431 entries in NVD and ...