CVE-2018-4172

Sažetak

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Find My iPhone" component. It allows physically proximate attackers to bypass the iCloud password requirement for disabling the "Find My iPhone" feature via vectors involving a backup restore.

Reference

http://www.securityfocus.com/bid/103578
http://www.securitytracker.com/id/1040604
https://support.apple.com/HT208693

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

03-10-2019 - 00:03

Objavljeno

03-04-2018 - 06:29