CVE-2014-4364

2014-09-18T10:55:00
ID CVE-2014-4364
Type cve
Reporter cve@mitre.org
Modified 2019-03-08T16:06:00

Description

The 802.1X subsystem in Apple iOS before 8 and Apple TV before 7 does not require strong authentication methods, which allows remote attackers to calculate credentials by offering LEAP authentication from a crafted Wi-Fi AP and then performing a cryptographic attack against the MS-CHAPv1 hash.