Описание
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0.2 (включая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00046
Низкий
1.9 Low
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents directory by obtaining this UID.
EPSS
Процентиль: 14%
0.00046
Низкий
1.9 Low
CVSS2
Дефекты
CWE-310