Описание
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-1679
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51212
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
- http://osvdb.org/55239
- http://support.apple.com/kb/HT3639
- http://www.securityfocus.com/bid/35414
- http://www.securityfocus.com/bid/35436
- http://www.vupen.com/english/advisories/2009/1621
EPSS
CVE ID
Связанные уязвимости
The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
EPSS