Vulnerabilities > CNN
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-02 | CVE-2014-6883 | Cryptographic Issues vulnerability in CNN Cnnmoney Portfolio for Stocks 1.0.2 The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |
2014-09-11 | CVE-2014-5869 | Cryptographic Issues vulnerability in CNN Cnnmoney Portfolio 1.03 The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.4 |