exploitDog

CVE-2017-2498

Опубликовано: 22 мая 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Security" component. It allows attackers to bypass intended access restrictions via an untrusted certificate.

Ссылки

http://www.securityfocus.com/bid/98479
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038485
https://support.apple.com/HT207798
Vendor Advisory
http://www.securityfocus.com/bid/98479
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038485
https://support.apple.com/HT207798
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 10.3.1 (включая)

EPSS

Процентиль: 30%

0.00115

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-295

Связанные уязвимости

GHSA-5v4v-696p-48jf

CVSS3: 7.5

github

больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. The issue involves the "Security" component. It allows attackers to bypass intended access restrictions via an untrusted certificate.

EPSS

Процентиль: 30%

0.00115

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-295