PT-2015-7069 · Apple · Xcode
Published
2015-09-18
·
Updated
2016-12-22
·
CVE-2015-5910
CVSS v2.0
3.3
Low
| Vector | AV:A/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Xcode versions prior to 7.0
Description
The issue concerns the IDE Xcode Server in Apple Xcode, where server traffic is not properly encrypted. This allows remote attackers to obtain sensitive information by sniffing the network.
Recommendations
For versions prior to 7.0, update to version 7.0 or later to ensure that server traffic is encrypted.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xcode