CVE-2016-4722
published 2016-09-25CVE-2016-4722: The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and…
PriorityP428medium5.9CVSS 3.0
AVNACHPRNUINSUCNINAH
EPSS
3.31%
87.5th percentile
The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 9.3.5 | — |
| apple | mac_os_x | <= 10.11.6 | — |
| apple | macos_sierra | — | — |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.1HIGHAV:N/AC:M/Au:N/C:N/I:N/A:C
GHSA
GHSA-wr6h-frm4-2487: The IDS - Connectivity component in Apple iOS before 10 and OS X before 10
ghsa_unreviewed·2022-05-17
CVE-2016-4722 [HIGH] CWE-20 GHSA-wr6h-frm4-2487: The IDS - Connectivity component in Apple iOS before 10 and OS X before 10
The IDS - Connectivity component in Apple iOS before 10 and OS X before 10.12 allows man-in-the-middle attackers to conduct Call Relay spoofing attacks and cause a denial of service via unspecified vectors.
Apple
CVE-2016-4722: macOS Sierra 10.12
vendor_apple·2016-09-20·CVSS 5.9
CVE-2016-4722 [MEDIUM] CVE-2016-4722: macOS Sierra 10.12
Apple Security Update: About the security content of macOS Sierra 10.12
Product: macOS Sierra
Version: 10.12
CVE: CVE-2016-4722
Component: IDS - Connectivity
Impact: An attacker in a privileged network position may be able to cause a denial of service
Description: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.
Apple
CVE-2016-4722: iOS 10
vendor_apple·2016-09-13·CVSS 5.9
CVE-2016-4722 [MEDIUM] CVE-2016-4722: iOS 10
Apple Security Update: About the security content of iOS 10
Product: iOS
Version: 10
CVE: CVE-2016-4722
Component: IDS - Connectivity
Impact: An attacker in a privileged network position may be able to cause a denial of service
Description: A spoofing issue existed in the handling of Call Relay. This issue was addressed through improved input validation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.htmlhttp://lists.apple.com/archives/security-announce/2016/Sep/msg00008.htmlhttp://www.securityfocus.com/bid/93056http://www.securitytracker.com/id/1036858https://support.apple.com/HT207143https://support.apple.com/HT207170http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.htmlhttp://lists.apple.com/archives/security-announce/2016/Sep/msg00008.htmlhttp://www.securityfocus.com/bid/93056http://www.securitytracker.com/id/1036858https://support.apple.com/HT207143https://support.apple.com/HT207170
2016-09-25
Published