漏洞信息详情
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS iCloud 权限许可和访问控制漏洞
- CNNVD编号:CNNVD-201402-235
- 危害等级: 中危
- CVE编号: CVE-2014-2019
- 漏洞类型: 权限许可和访问控制问题
- 发布时间: 2014-02-21
- 威胁类型: 本地
- 更新时间: 2019-09-30
- 厂 商: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
- 漏洞来源:
漏洞简介
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iCloud是美国苹果(CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple)公司的一款云服务,它支持存储音乐、照片、App和联系人等。
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS 7.04及之前的版本中的iCloud子系统中存在安全漏洞。物理位置临近的攻击者可通过输入任意iCloud Account Password和空的iCloud Account Description值利用该漏洞绕过既定的密码要求。关闭Find My iPhone服务或完成Delete Account操作,并使用其他的CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple ID账户关联此服务。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/cn/
参考网址
来源:CONFIRM
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT6162
来源:MISC
链接:http://news.softpedia.com/news/Major-iOS-7-Security-Flaw-Discovered-Video-425011.sHTML
来源:MISC
链接:http://www.youtube.com/watch?v=QnPk4RRWjic
受影响实体
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iPhone_os:7.0.2
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iPhone_os:7.0.1
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iPhone_os:7.0
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iPhone_os:7.0.4
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iPhone_os:7.0.3
补丁
- CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS iCloud 权限许可和访问控制漏洞的修复措施
评论