Lucene search
K

4 matches found

NVD
NVD
added 2014/09/23 10:55 a.m.13 views

CVE-2014-6683

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS5.9AI score0.00271EPSS
Exploits0References3
Prion
Prion
added 2014/09/23 10:55 a.m.12 views

Design/Logic Flaw

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4CVSS6.4AI score0.00271EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/09/23 10:0 a.m.17 views

CVE-2014-6683

The Open Electrical Webser aka com.wOpenElectricalWeb application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9AI score0.00271EPSS
Exploits0References3
CVE
CVE
added 2014/09/23 10:0 a.m.38 views

CVE-2014-6683

The CVE-2014-6683 entry concerns the Open Electrical Webser (com.wOpenElectricalWeb) Android app version 0.1, which fails to verify X.509 certificates from SSL servers. Root cause: missing certificate verification in the app’s TLS handling. Consequence: MITM attackers could spoof servers and capt...

5.4CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder