CVE-2014-1350

medium

Description

Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.

References

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

http://www.securityfocus.com/bid/68276

http://www.securitytracker.com/id/1030500

Details

Source: MITRE

Published: 2014-07-01

Updated: 2017-01-07

Type: CWE-264

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM