Lucene search

PRIOn knowledge basePRION:CVE-2013-5149

HistorySep 19, 2013 - 10:28 a.m.

Design/Logic Flaw

2013-09-1910:28:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

44.3%

JSON

The Push Notifications subsystem in Apple iOS before 7 provides the push-notification token to an app without user approval, which allows attackers to obtain sensitive information via an app that employs a crafted push-notification registration process.

CPENameOperatorVersion
iphone_oseq6.1.2
iphone_oseq3.0
iphone_oseq3.2
iphone_oseq3.1.3
iphone_oseq1.0.2
iphone_oseq4.3.2
iphone_oseq4.0.2
iphone_osle6.1.4
iphone_oseq2.2
iphone_oseq1.1.1

Name	Operator	Version
iphone_os	eq	6.1.2
iphone_os	eq	3.0
iphone_os	eq	3.2
iphone_os	eq	3.1.3
iphone_os	eq	1.0.2
iphone_os	eq	4.3.2
iphone_os	eq	4.0.2
iphone_os	le	6.1.4
iphone_os	eq	2.2
iphone_os	eq	1.1.1

Rows per page:

1-10 of 481

References

lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

secunia.com/advisories/54886

support.apple.com/kb/HT5934

www.securitytracker.com/id/1029054

5.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

44.3%

JSON

Related for PRION:CVE-2013-5149