← back
CVE-2015-5858

CVE-2015-5858

EPSS 2.2%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
18 Sep 2015Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.htmlhttp://lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlhttps://support.apple.com/HT205212https://support.apple.com/HT205267http://www.securityfocus.com/bid/76764http://www.securitytracker.com/id/1033609