CVE-2013-0963Improper Input Validation in Apple Iphone OS

CWE-20Improper Input Validation11 documents3 sources
Severity
2.1LOWNVD
EPSS
0.0%
top 89.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Iphone OS
Timeline
PublishedJan 29
Latest updateMay 17

Description

Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID certificates, which might allow physically proximate attackers to bypass authentication by leveraging an incorrect assignment of an empty string value to an AppleID.

CVSS vector

AV:L/AC:L/C:N/I:P/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDapple/iphone_os6.0.2+2

🔴Vulnerability Details

1
GHSA
GHSA-rqhc-47vh-6vc7: Identity Services in Apple iOS before 62022-05-17

💬Community

8
Bugzilla
CVE-2013-2442 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)2013-06-19
Bugzilla
CVE-2013-2462 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)2013-06-19
Bugzilla
CVE-2013-2466 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)2013-06-19
Bugzilla
CVE-2013-3744 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)2013-06-19
Bugzilla
CVE-2013-2400 Oracle JDK: unspecified vulnerability fixed in 7u25 (Deployment)2013-06-19
CVE-2013-0963 — Improper Input Validation in Apple | cvebase