Описание
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.2 (исключая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00322
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
CVSS3: 5.9
github
больше 3 лет назад
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
EPSS
Процентиль: 55%
0.00322
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-254