CVE-2014-1350

EUVD-2014-1428
Settings in Apple iOS before 7.1.2 allows physically proximate attackers to bypass an intended iCloud password requirement, and turn off the Find My iPhone service, by leveraging incorrect state management.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
𝑥
≤ 7.1.1
appleiphone_os
7.0
appleiphone_os
7.0.1
appleiphone_os
7.0.2
appleiphone_os
7.0.3
appleiphone_os
7.0.4
appleiphone_os
7.0.5
appleiphone_os
7.0.6
appleiphone_os
7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
http://www.securityfocus.com/bid/68276
http://www.securitytracker.com/id/1030500
http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html
http://www.securityfocus.com/bid/68276
http://www.securitytracker.com/id/1030500