Detections
Analytics

Apple iOS < 7.1.1 Multiple Vulnerabilities

critical Nessus Plugin ID 73647

Language:

Synopsis

The version of iOS running on the mobile device is affected by multiple vulnerabilities.

Description

The mobile device is running a version of iOS that is prior to version 7.1.1. It is, therefore, affected by vulnerabilities in the following components :

 - CFNetwork HTTPProtocol
 - IOKit Kernel
 - Secure Transport
 - WebKit

Solution

Upgrade to Apple iOS 7.1.1 or later.

See Also

https://support.apple.com/en-us/HT201222

https://www.securityfocus.com/archive/1/531902

Plugin Details

Severity: Critical

ID: 73647

File Name: apple_ios_711_check.nbin

Version: 1.104

Type: local

Published: 3/22/2014

Updated: 9/4/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2014-1303

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/22/2014

Vulnerability Publication Date: 7/10/2013

Reference Information

CVE: CVE-2013-2871, CVE-2014-1295, CVE-2014-1296, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1320, CVE-2014-1713

BID: 61054, 66242, 66243, 66572, 66573, 66574, 66575, 66576, 66577, 66578, 66579, 66581, 66583, 66585, 66586, 66587, 67024, 67025, 67027

APPLE-SA: APPLE-SA-2014-04-22-2