Information Disclosure in IBM Notes Traveler Application for Android
CVE-2014-6130

Currently unrated

Key Information:

Vendor: IBM
Status: Notes Traveler
Vendor: CVE Published:; 4 November 2014

Summary

The IBM Notes Traveler application for Android versions prior to 9.0.1.3 is susceptible to an information disclosure vulnerability. This occurs due to the absence of a warning message when users select an HTTP session instead of HTTPS. Attackers can exploit this flaw to intercept communication, potentially exposing sensitive user data during transmission. Users should ensure they are using the most updated version of the application to protect against this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21688840

x_refsource_CONFIRM

http://www.securityfocus.com/bid/70871

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/96810

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 4, 2014
Vulnerability Reserved
Sep 2, 2014