Back to search
CVE-2016-6709
Published: Nov 25, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
An information disclosure vulnerability in Conscrypt and BoringSSL in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a man-in-the-middle attacker to gain access to sensitive information if a non-standard cipher suite is used by an application. This issue is rated as High because it could be used to access data without permission. Android ID: A-31081987.
| Vendor | Product | Versions |
|---|---|---|
Google Inc. | Android | affected Android-6.0affected Android-6.0.1affected Android-7.0 |
References
94169
vdb-entry
x_refsource_BID
https://source.android.com/security/bulletin/2016-11-01.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now