CVE-2015-5851

The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an encrypted-to-unencrypted downgrade attack.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Information

Published : 2015-09-18 04:00

Updated : 2016-12-21 19:00


NVD link : CVE-2015-5851

Mitre link : CVE-2015-5851


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x
  • iphone_os