CVE-2014-1350

medium

Description

Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.

References

http://www.securitytracker.com/id/1030500

http://www.securityfocus.com/bid/68276

http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html

Details

Source: Mitre, NVD

Published: 2014-07-01

Updated: 2017-01-07

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Medium