Design/Logic Flaw

2014-09-1810:55:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.6%

JSON

Mail in Apple iOS before 8 does not prevent sending a LOGIN command to a LOGINDISABLED IMAP server, which allows remote attackers to obtain sensitive cleartext information by sniffing the network.

CPENameOperatorVersion
iphone_oseq7.0.4
iphone_oseq7.1.1
iphone_osle7.1.2
iphone_oseq7.0.5
iphone_oseq7.1
iphone_oseq7.0.6
iphone_oseq7.0.1
iphone_oseq7.0.2
iphone_oseq7.0
iphone_oseq7.0.3

Name	Operator	Version
iphone_os	eq	7.0.4
iphone_os	eq	7.1.1
iphone_os	le	7.1.2
iphone_os	eq	7.0.5
iphone_os	eq	7.1
iphone_os	eq	7.0.6
iphone_os	eq	7.0.1
iphone_os	eq	7.0.2
iphone_os	eq	7.0
iphone_os	eq	7.0.3