Lucene search

[email protected]CVE-2015-1108

HistoryApr 10, 2015 - 2:59 p.m.

CVE-2015-1108

2015-04-1014:59:23

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-1108

apple

ios

lock screen

passcode

authentication

nvd

security vulnerability

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.1%

JSON

The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on incorrect passcode-authentication attempts, which makes it easier for physically proximate attackers to obtain access by making many passcode guesses.

Affected configurations

NVD

Node

appleiphone_osRange≤8.2

CPENameOperatorVersion
apple:iphone_osapple iphone osle8.2

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	8.2

References

lists.apple.com/archives/security-announce/2015/Apr/msg00002.html

www.securityfocus.com/bid/73978

www.securitytracker.com/id/1032050

support.apple.com/HT204661

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.6 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.1%

JSON

Related for CVE-2015-1108

prion1 cvelist1 nvd1 securityvulns2