Vulnerability Name: | CVE-2014-1360 (CCN-94134) | ||||||||
Assigned: | 2014-06-30 | ||||||||
Published: | 2014-06-30 | ||||||||
Updated: | 2017-01-07 | ||||||||
Summary: | Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which makes it easier for physically proximate attackers to bypass the Activation Lock protection mechanism via unspecified vectors. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N) 1.6 Low (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-20 | ||||||||
Vulnerability Consequences: | Bypass Security | ||||||||
References: | Source: APPLE Type: UNKNOWN APPLE-SA-2014-06-30-3 Source: APPLE Type: UNKNOWN APPLE-SA-2014-09-17-1 Source: MITRE Type: CNA CVE-2014-1360 Source: CCN Type: Apple Web site About the security content of iOS 7.1.2 Source: CONFIRM Type: UNKNOWN http://support.apple.com/kb/HT6441 Source: BID Type: UNKNOWN 68276 Source: CCN Type: BID-68276 Apple iOS Prior to 7.1.2 Multiple Security Vulnerabilities Source: SECTRACK Type: UNKNOWN 1030500 Source: XF Type: UNKNOWN appleios-lockdown-cve20141360-sec-bypass(94134) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |