Vulnerabilities > CVE-2011-3255 - Credentials Management vulnerability in Apple Iphone OS
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
CFNetwork in Apple iOS before 5 stores AppleID credentials in an unspecified file, which makes it easier for remote attackers to obtain sensitive information via a crafted application.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
- http://support.apple.com/kb/HT4999
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70550
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70550
- http://support.apple.com/kb/HT4999