Security Advisory

CVE-2017-2448

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-04-02 01:36:00

Last updated 2024-08-05 13:55:05

Assigner apple

State PUBLISHED

Description

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle attackers to bypass an iCloud Keychain secret protection mechanism by leveraging lack of authentication for OTR packets.

← Browse all CVEs View on cve.org ↗