Detections
Analytics

Apple iOS < 8.4 Multiple Vulnerabilities (Logjam)

high Nessus Plugin ID 84490

Language:

Synopsis

The version of iOS running on the mobile device is affected by multiple vulnerabilities.

Description

The mobile device is running a version of iOS prior to version 8.4. It is, therefore, affected by vulnerabilities in the following components :

 - Application Store
 - Certificate Trust Policy
 - CFNetwork HTTPAuthentication
 - CoreGraphics
 - CoreText
 - coreTLS
 - DiskImages
 - FontParser
 - ImageIO
 - Kernel
 - Mail
 - MobileInstallation
 - Safari
 - Security
 - SQLite
 - Telephony
 - WebKit
 - WiFi Connectivity

Solution

Upgrade to Apple iOS version 8.4 or later.

See Also

http://www.nessus.org/u?26c23cd2

https://support.apple.com/en-us/HT204941

Plugin Details

Severity: High

ID: 84490

File Name: apple_ios_84_check.nbin

Version: 1.98

Type: local

Published: 7/1/2015

Updated: 9/4/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2015-3717

Vulnerability Information

CPE: cpe:/o:apple:iphone_os

Required KB Items: mdm/dependency/unlocked

Exploit Ease: No known exploits are available

Patch Publication Date: 6/30/2015

Vulnerability Publication Date: 6/30/2015

Reference Information

CVE: CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-1152, CVE-2015-1153, CVE-2015-1155, CVE-2015-1156, CVE-2015-1157, CVE-2015-3658, CVE-2015-3659, CVE-2015-3684, CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3689, CVE-2015-3690, CVE-2015-3694, CVE-2015-3703, CVE-2015-3710, CVE-2015-3717, CVE-2015-3719, CVE-2015-3721, CVE-2015-3722, CVE-2015-3723, CVE-2015-3724, CVE-2015-3725, CVE-2015-3726, CVE-2015-3727, CVE-2015-3728, CVE-2015-4000

BID: 63736, 72323, 72326, 72352, 72353, 74523, 74524, 74525, 74527, 74733

APPLE-SA: APPLE-SA-2015-06-30-1