7.4
CVE-2014-1266
- EPSS 5.72%
- Veröffentlicht 22.02.2014 17:05:21
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.72% | 0.92 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
http://support.apple.com/kb/HT6150
http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187
http://support.apple.com/kb/HT6146
http://support.apple.com/kb/HT6147
http://support.apple.com/kb/HT6148
https://news.ycombinator.com/item?id=7281378
https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html
https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html
https://www.imperialviolet.org/2014/02/22/applebug.html