CVE-2015-3756

Sažetak

The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.

Reference

http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html
http://www.securityfocus.com/bid/76337
http://www.securitytracker.com/id/1033275
https://support.apple.com/kb/HT205030

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

24-12-2016 - 02:59

Objavljeno

16-08-2015 - 23:59