CVE-2015-6997

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 9.1

Description The issue is related to the X.509 certificate-trust implementation, which does not properly recognize the requirement for revocation checking. This makes it easier for attackers to conduct man-in-the-middle attacks by using a revoked certificate. The vulnerability can be exploited by a remote attacker to spoof endpoints.

Recommendations For versions prior to 9.1, update to iOS version 9.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and using additional security measures to minimize the risk of exploitation.