CVE-2014-4352Apple Iphone OS vulnerability

CWE-3104 documents4 sources
Severity
2.1LOWNVD
EPSS
0.0%
top 87.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApache Httpd
Timeline
PublishedSep 18
Latest updateMay 17

Description

Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information by obtaining this UID.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/iphone_os7.1.2+9
apacheapache/httpd

🔴Vulnerability Details

1
GHSA
GHSA-v284-p88r-fh64: Address Book in Apple iOS before 8 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obta2022-05-17

📋Vendor Advisories

1
Apache
Apache httpd: CVE-2013-4352
CVE-2014-4352 — Apple Iphone OS vulnerability | cvebase