| Vulnerability Name: | CVE-2013-5164 (CCN-88239) | ||||||||
| Assigned: | 2013-10-22 | ||||||||
| Published: | 2013-10-22 | ||||||||
| Updated: | 2013-10-24 | ||||||||
| Summary: | Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 3.3 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N) 2.5 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-362 | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-5164 Source: APPLE Type: Vendor Advisory APPLE-SA-2013-10-22-1 Source: CCN Type: SA55447 Apple iOS Passcode Lock Security Bypass Multiple Weaknesses Source: CCN Type: Apple Web site About the security content of iOS 7.0.3 Source: CCN Type: BID-63278 Apple iOS 7 for iPhone CVE-2013-5164 Local Security Bypass Vulnerability Source: XF Type: UNKNOWN apple-phone-cve20135164(88239) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||