Vendor

Cnn

Products

CVEs

Across products

Status

Private

Products

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2014-6883		0.00	—	0.00		Oct 2, 2014	The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5869		0.00	—	0.00		Sep 11, 2014	The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6883Oct 2, 2014
risk 0.00cvss —epss 0.00
The CNNMoney Portfolio for stocks (aka com.cnn.portfolio) application 1.0.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2014-5869Sep 11, 2014
risk 0.00cvss —epss 0.00
The CNNMoney Portfolio (aka com.cnn.cnnmoney) application 1.03 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.