Skip to main content

Business Lala Call

1 CVEs product

Monthly

CVE-2017-2104 MEDIUM PATCH This Month

The Business LaLa Call App for Android 1.4.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Business Lala Call
NVD
CVSS 3.0
5.9
EPSS
0.3%
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

The Business LaLa Call App for Android 1.4.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Google Information Disclosure Business Lala Call
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy