Apple · Ios · CVE-2014-4449
**Name of the Vulnerable Software and Affected Versions**
Apple iOS versions prior to 8.1
**Description**
The issue concerns the iCloud Data Access feature in Apple iOS, which fails to verify X.509 certificates from TLS servers. This allows man-in-the-middle attackers to spoof servers and obtain sensitive information by using a crafted certificate.
**Recommendations**
For versions prior to 8.1, update to version 8.1 or later to resolve the issue.