CVE-2014-7339
Description
The Cuanto Conoces A un Amigo (aka com.makeitpossible.CuantoConocesAunAmigo) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cuanto Conoces A un Amigo Android app fails to validate SSL certificates, enabling MITM attacks to steal sensitive data.
Vulnerability
The Cuanto Conoces A un Amigo (com.makeitpossible.CuantoConocesAunAmigo) application version 2.0 for Android does not verify X.509 certificates from SSL servers [1]. This means the app accepts any certificate presented during an HTTPS connection without validating it against a trusted certificate authority.
Exploitation
An attacker positioned on the same network as the victim (e.g., public Wi-Fi) can perform a man-in-the-middle attack by presenting a crafted certificate to the app. The app will accept the fraudulent certificate, allowing the attacker to intercept and potentially modify the HTTPS traffic.
Impact
Successful exploitation allows the attacker to view or modify network traffic that should have been protected by HTTPS. This can lead to disclosure of sensitive information, such as login credentials or personal data, depending on what the app transmits.
Mitigation
No official fix has been released for this application. Users are advised to uninstall the app and access any related services via a web browser instead, as recommended by CERT/CC [1]. The app may be obsolete or no longer supported.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- cpe:2.3:a:makeitpossible:cuanto_conoces_a_un_amigo:2:*:*:*:*:android:*:*
- Range: = 2.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.kb.cert.org/vuls/id/379657nvdUS Government Resource
- www.kb.cert.org/vuls/id/582497nvdUS Government Resource
- docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/editnvd
News mentions
0No linked articles in our index yet.