X.509 Certificate Validation Vulnerability in Albasit Artes y Danza Android Application
CVE-2014-6990

Currently unrated

Key Information:

Vendor: Albasit Artes Y Danza Project
Status: Albasit Artes Y Danza
Vendor: CVE Published:; 16 October 2014

🔔 Create Albasit Artes Y Danza Project Vulnerability Alert

What is CVE-2014-6990?

The Albasit Artes y Danza application for Android (version 1.2) contains a critical security flaw that fails to properly validate X.509 certificates from SSL servers. This vulnerability opens the door for man-in-the-middle attackers, who could exploit the misconfiguration to spoof legitimate servers. By leveraging crafted SSL certificates, attackers can intercept sensitive information transmitted between the user and the intended server, endangering user privacy and data security.

References

http://www.kb.cert.org/vuls/id/582497

third-party-advisoryx_refsource_CERT-VN

https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJ...

x_refsource_MISC

http://www.kb.cert.org/vuls/id/561289

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2014
Vulnerability Reserved
Sep 19, 2014