PT-2017-17528 · Apple · Ios
Don Sparks
·
Publicado
2017-10-23
·
Atualizado
2019-10-03
·
CVE-2017-7133
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 11
Description
The issue involves the
MobileBackup component and allows remote attackers to obtain sensitive cleartext information in certain circumstances by leveraging read access to a backup archive that was supposed to have been encrypted.Recommendations
For iOS versions prior to 11, update to version 11 or later to resolve the issue. As a temporary workaround, consider restricting access to backup archives to minimize the risk of exploitation.
Correção
Cleartext Transmission of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ios