CVE-2017-13864

Sažetak

An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mishandling of client certificates.

Reference

http://www.securityfocus.com/bid/102192
http://www.securitytracker.com/id/1040013
https://support.apple.com/HT208326
https://support.apple.com/HT208328

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

28-12-2017 - 18:10

Objavljeno

25-12-2017 - 21:29