2 matches found
CVE-2014-4449
iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-4449
CVE-2014-4449 affects Apple iOS prior to 8.1: iCloud Data Access clients fail to validate TLS X.509 certificates, allowing MITM attackers to spoof servers and read sensitive data. The vulnerability is described in multiple sources (NVD/NVD clustering and Apple advisory), with impact stated as exp...