Apple iOS < 7.1 Multiple Vulnerabilities
high Nessus Network Monitor Plugin ID 8155
Synopsis
The remote mobile device is running an outdated version of Apple iOS that is missing multiple security updates.Description
According to its banner, the remote Apple iOS device is missing a security update. Versions of Apple iOS prior to 7.1 are affected by vulnerabilities within the following components :- Backup
- Certificate Trust Policy
- Configuration Profiles
- CoreCapture
- Crash Reporting
- dyld
- FaceTime
- ImageIO
- IOKit HID Event
- iTunes Store
- Kernel
- Office Viewer
- Photos Backend
- Profiles
- Safari
- Find My iPhone status
- Springboard
- SpringBoard Lock Screen
- TelephonyUI Framework
- USB Host
- Video Driver
- WebKit
Solution
Upgrade to iOS version 7.1 or later.See Also
Plugin Details
Severity: High
ID: 8155
Family: Mobile Devices
Published: 3/11/2014
Updated: 3/6/2019
Dependencies: 8637
Risk Information
Risk Factor: High
CVSS v2.0
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal Vector: CVSS2#E:ND/RL:OF/RC:C
CVSS v3.0
Base Score: 7.3
Temporal Score: 7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C
Vulnerability Information
CPE: cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Patch Publication Date: 3/10/2014
Vulnerability Publication Date: 3/10/2014
Reference Information
CVE: CVE-2012-2088, CVE-2013-6629, CVE-2014-2019, CVE-2013-5199, CVE-2013-5228, CVE-2013-5197, CVE-2014-1267, CVE-2014-1271, CVE-2014-1273, CVE-2014-1272, CVE-2014-1275, CVE-2014-1278, CVE-2014-1282, CVE-2014-1287, CVE-2013-6835, CVE-2013-5225, CVE-2013-2928, CVE-2013-2909, CVE-2014-1269, CVE-2013-5227, CVE-2013-2926, CVE-2014-1270, CVE-2013-5198, CVE-2013-6635, CVE-2013-5196, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1252, CVE-2013-5133, CVE-2014-1274, CVE-2014-1276, CVE-2014-1277, CVE-2014-1281, CVE-2014-1284, CVE-2014-1285, CVE-2014-1286
IAVA: 2013-A-0048