CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-6130
https://notcve.org/view.php?id=CVE-2014-6130
The IBM Notes Traveler application before 9.0.1.3 for Android lacks a warning message during selection of an HTTP session, which makes it easier for remote attackers to obtain sensitive information by sniffing the network during a session in which the user had intended to use HTTPS. La aplicación IBM Notes Traveler anterior a 9.0.1.3 para Android le falta un mensaje de aviso durante la selección de una sesión HTTP, lo que facilita a atacantes remotos obtener información sensible mediante la captura de trafico de la red durante una sesión en la cual el usuario tuviera intención de utilizar HTTPS. • http://www-01.ibm.com/support/docview.wss?uid=swg21688840 http://www.kb.cert.org/vuls/id/432608 http://www.securityfocus.com/bid/70871 https://exchange.xforce.ibmcloud.com/vulnerabilities/96810 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •