NA
CVSSv3

CVE-2014-6002

CVSSv4: NA | CVSSv3: NA | CVSSv2: 5.4 | VMScore: 640 | EPSS: 0.00071 | KEV: Not Included
Published: 22/09/2014 Updated: 21/11/2024

Vulnerability Summary

The DTE Energy (aka com.dteenergy.mydte) application 3.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.

Vulnerable Product Search on Vulmon Subscribe to Product

dteenergy dte energy 3.0.3