SSL/TLS Server Certificate Verification Vulnerability in SumaHo Application

SSL/TLS Server Certificate Verification Vulnerability in SumaHo Application

CVE-2014-7242 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The SumaHo application 3.0.0 and earlier for Android and the SumaHo "driving capability" diagnosis result transmission application 1.2.2 and earlier for Android allow man-in-the-middle attackers to spoof servers and obtain sensitive information by leveraging failure to verify SSL/TLS server certificates.

Learn more about our Cis Benchmark Audit For Google Android.