Vulnerabilities > CVE-2017-2411 - 7PK - Security Features vulnerability in Apple Iphone OS

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
apple
CWE-254
NVD
Published: 2019-01-11
Updated: 2019-01-17

Summary

In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.

Vulnerable Configurations

Part Description Count
OS
Apple
164

Common Weakness Enumeration (CWE)

References