Lucene search
Japan Vulnerability NotesJVN:72950786HistoryJul 30, 2014 - 12:00 a.m.
JVN#72950786: Outlook.com for Android contains an issue where it fails to verify SSL server certificates
2014-07-3000:00:00
Japan Vulnerability Notes
jvn.jp
10
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
29.7%
Outlook.com for Android contains an issue where it fails to verify SSL server certificates.
Impact
A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Outlook.com versions prior to 7.8.2.12.49.7090
Related
prion
prion
Design/Logic Flaw
2014-08-14 05:01:00
cve
cve
CVE-2014-5239
2014-08-14 05:01:50
cvelist
cvelist
CVE-2014-5239
2014-08-14 01:00:00
securityvulns
securityvulns
Outlook.com for Android insufficient certificate validation
2014-08-18 00:00:00
Outlook.com for Android fails to validate server certificates
2014-08-18 00:00:00
nvd
nvd
CVE-2014-5239
2014-08-14 05:01:50
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
29.7%
Related for JVN:72950786