Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 18/09/2014 Updated: 08/03/2019

CVSS v2 Base Score: 2.9 | Impact Score: 2.9 | Exploitability Score: 5.5

CVSS v3 Base Score: 5.6 | Impact Score: 4 | Exploitability Score: 1.2

VMScore: 258

Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N

The 802.1X subsystem in Apple iOS prior to 8 and Apple TV prior to 7 does not require strong authentication methods, which allows remote malicious users to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os 7.0.4
apple iphone os 7.0.3
apple iphone os 7.0.2
apple iphone os 7.0.1
apple iphone os 7.0
apple iphone os 7.1.1
apple iphone os 7.0.6
apple iphone os 7.0.5
apple iphone os 7.1
apple iphone os
apple tvos
apple tvos 6.1.2
apple tvos 6.1.1
apple tvos 6.1
apple tvos 6.0.2
apple tvos 6.0.1
apple tvos 6.0

CWE-310 http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html https://support.apple.com/kb/HT6535 http://www.securitytracker.com/id/1030866 http://www.securityfocus.com/bid/69913 http://www.securityfocus.com/bid/69882 http://support.apple.com/kb/HT6442 http://support.apple.com/kb/HT6441 https://exchange.xforce.ibmcloud.com/vulnerabilities/96097 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-4364

Vulnerability Summary

References

Vulmon Search

About

Products

Connect