RSS   Vulnerabilities for 'State bank anywhere'   RSS

2014-09-18
 
CVE-2014-5954

CWE-310
 

 
The State Bank Anywhere (aka com.sbi.SBIFreedomPlus) application 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

 

 >>> Vendor: SBI 2 Products
State bank anywhere
Sbi buddy


Copyright 2024, cxsecurity.com

 

Back to Top