| Vulnerability Name: | CVE-2010-1756 (CCN-59635) | ||||||||
| Assigned: | 2010-06-21 | ||||||||
| Published: | 2010-06-21 | ||||||||
| Updated: | 2022-08-09 | ||||||||
| Summary: | The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N) 4.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2010-1756 Source: APPLE Type: Mailing List, Vendor Advisory APPLE-SA-2010-06-21-1 Source: CCN Type: SA40257 Apple iOS Multiple Vulnerabilities Source: CCN Type: Apple Web site About the security content of iOS 4 Source: CONFIRM Type: Vendor Advisory http://support.apple.com/kb/HT4225 Source: CCN Type: OSVDB ID: 65706 Apple iOS Settings Application on iPhone / iPod Wireless Network Usage Reporting Weakness Source: BID Type: Third Party Advisory, VDB Entry 41016 Source: CCN Type: BID-41016 RETIRED: Apple iPhone/iPod touch Prior to iOS 4 Multiple Vulnerabilities Source: CCN Type: BID-41048 Apple iPhone/iPod touch Prior to iOS 4 Wireless Network Security Weakness Source: XF Type: UNKNOWN appleios-settings-weak-security(59635) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||