5.8

CVE-2013-4616

The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack that leverages the insufficient number of possible passphrases.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPhone OS Version <= 6.0
AppleiPhone OS Version1.0.0
AppleiPhone OS Version1.0.1
AppleiPhone OS Version1.0.2
AppleiPhone OS Version1.1.0
AppleiPhone OS Version1.1.1
AppleiPhone OS Version1.1.2
AppleiPhone OS Version1.1.3
AppleiPhone OS Version1.1.4
AppleiPhone OS Version1.1.5
AppleiPhone OS Version2.0
AppleiPhone OS Version2.0.0
AppleiPhone OS Version2.0.1
AppleiPhone OS Version2.0.2
AppleiPhone OS Version2.1
AppleiPhone OS Version2.1.1
AppleiPhone OS Version2.2
AppleiPhone OS Version2.2.1
AppleiPhone OS Version3.0
AppleiPhone OS Version3.0.1
AppleiPhone OS Version3.1
AppleiPhone OS Version3.1.2
AppleiPhone OS Version3.1.3
AppleiPhone OS Version3.2
AppleiPhone OS Version3.2.1
AppleiPhone OS Version3.2.2
AppleiPhone OS Version4.0
AppleiPhone OS Version4.0.1
AppleiPhone OS Version4.0.2
AppleiPhone OS Version4.1
AppleiPhone OS Version4.2.1
AppleiPhone OS Version4.2.5
AppleiPhone OS Version4.2.8
AppleiPhone OS Version4.3.0
AppleiPhone OS Version4.3.1
AppleiPhone OS Version4.3.2
AppleiPhone OS Version4.3.3
AppleiPhone OS Version4.3.5
AppleiPhone OS Version5.0
AppleiPhone OS Version5.0.1
AppleiPhone OS Version5.1
AppleiPhone OS Version5.1.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.93% 0.558
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 6.5 6.4
AV:A/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Vendor Advisory
http://secunia.com/advisories/54886
Vendor Advisory
http://support.apple.com/kb/HT5934
http://www.securitytracker.com/id/1029054
http://lists.owasp.org/pipermail/owasp-mobile-security-project/2013-June/000640.html
http://www1.cs.fau.de/filepool/projects/hotspot/hotspot.pdf
http://www1.cs.fau.de/hotspot