MEDIUM🇬🇧 English

CVE-2014-5903

CVSS 5.4v2.0pub. 2014-09-15upd. 2026-05-06

The Mobile@Work (aka com.mobileiron) application 6.0.0.1.12R for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

oryginał EN
CVSS Vector
AV:A/AC:M/Au:N/C:P/I:P/A:P
  • Mobileiron Mobile\@work

    APP
    Mobileiron
    6.0.0.1.12r
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-35138CRITICAL9.8ten sam produkt

The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key, used to encry...

CVE-2020-35137HIGH7.5ten sam produkt

The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to communicate ...

CVE-2021-3391MEDIUM5.3ten sam produkt

MobileIron Mobile@Work through 2021-03-22 allows attackers to distinguish among valid, disabled, and nonexiste...

CVE-2020-15505CRITICAL9.8⚠ KEVten sam vendor

A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, ...

CVE-2020-15506CRITICAL9.8ten sam vendor

An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0,...