Vulnerabilities > MS INS > Sumaho Driving Capability Diagnosis > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-18 | CVE-2014-7242 | Improper Certificate Validation vulnerability in Ms-Ins Sumaho and Sumaho Driving Capability Diagnosis The SumaHo application 3.0.0 and earlier for Android and the SumaHo "driving capability" diagnosis result transmission application 1.2.2 and earlier for Android allow man-in-the-middle attackers to spoof servers and obtain sensitive information by leveraging failure to verify SSL/TLS server certificates. | 4.3 |