exploitDog

CVE-2017-13874

Опубликовано: 25 дек. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection.

Ссылки

http://www.securityfocus.com/bid/102097
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039953
Third Party Advisory
VDB Entry
https://support.apple.com/HT208334
Vendor Advisory
http://www.securityfocus.com/bid/102097
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039953
Third Party Advisory
VDB Entry
https://support.apple.com/HT208334
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 11.2 (исключая)

EPSS

Процентиль: 60%

0.00396

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-qcmg-94j3-vh32

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 11.2 is affected. The issue involves the "Mail" component. It might allow remote attackers to bypass an intended encryption protection mechanism by leveraging incorrect S/MIME certificate selection.

EPSS

Процентиль: 60%

0.00396

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo