CVE-2014-4364

2014-09-18T06:55:08
ID CVE-2014-4364
Type cve
Reporter NVD
Modified 2017-08-28T21:34:57

Description

The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.