CVE-2015-1115Improper Access Control in Apple Iphone OS

CWE-284Improper Access Control3 documents3 sources
Severity
4.4MEDIUMNVD
EPSS
0.1%
top 82.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple Iphone OSApple IOS
Timeline
PublishedApr 10
Latest updateMay 17

Description

The Telephony component in Apple iOS before 8.3 allows attackers to bypass a sandbox protection mechanism and access unintended telephone capabilities via a crafted app.

CVSS vector

AV:L/AC:M/C:P/I:P/A:PExploitability: 3.4 | Impact: 6.4

Affected Packages2 packages

Appleapple/ios8.3

🔴Vulnerability Details

1
GHSA
GHSA-hwm7-7gx2-6gr2: The Telephony component in Apple iOS before 82022-05-17

📋Vendor Advisories

1
Apple
CVE-2015-1115: iOS 8.3
CVE-2015-1115 — Improper Access Control in Apple | cvebase