nvd-json-data-feeds/CVE-2014/CVE-2014-12xx/CVE-2014-1266.json

{
  "id": "CVE-2014-1266",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2014-02-22T17:05:21.767",
  "lastModified": "2019-03-08T16:06:29.247",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSLVerifySignedServerKeyExchange function in libsecurity_ssl/lib/sslKeyExchange.c in the Secure Transport feature in the Data Security component in Apple iOS 6.x before 6.1.6 and 7.x before 7.0.6, Apple TV 6.x before 6.0.2, and Apple OS X 10.9.x before 10.9.2 does not check the signature in a TLS Server Key Exchange message, which allows man-in-the-middle attackers to spoof SSL servers by (1) using an arbitrary private key for the signing step or (2) omitting the signing step."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n SSLVerifySignedServerKeyExchange en libsecurity_ssl/lib/sslKeyExchange.c la funcionalidad Secure Transport en el componente Data Security en Apple iOS 6.x anterior a 6.1.6 y 7.x anterior a 7.0.6, Apple TV 6.x anterior a 6.0.2 y Apple OS X 10.9.x anterior a 10.9.2 no comprueba la firma en un mensaje TLS Server Key Exchange, lo que permite a atacantes man-in-the-middle falsificar servidores SSL mediante (1) el uso de una clave privada arbitraria para el paso de la firma o (2) la omisi\u00f3n del paso de la firma."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE0068D-C699-4646-9658-610409925A79"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87C215DD-BC98-4283-BF13-69556EF7CB78"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C3966E-C136-47A9-B5B4-70613756ED27"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22AD2A1F-A637-47DE-A69F-DAE4ABDFA4BD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6D398B8-821B-4DE9-ADF1-4983051F964C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0CCE5F2-4D32-404B-BAAC-E64F11BD41FB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D54D4BD4-0C6C-4125-ABC8-9FC1E804E530"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:6.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED1FADB5-2390-4F49-A1A3-0B8EAB652ADB"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48A5310-A589-4E9B-99BC-F840CC1A6A44"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F241EBFB-CCB3-4D16-B476-AC1578D3C435"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:tvos:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5365205F-B91D-4123-8CFD-EA42E0DEA944"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:tvos:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C7F676-5ACC-4330-9591-465CA8AF77AA"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A11433-B725-4BD6-B998-4B3637F061EC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD62141-07B1-4E3D-80BC-25D519F90DBD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9737BD4-B4F4-4291-A1E9-B692ECBC657E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6160869-944D-4E34-BB81-6A1259D692B1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "090CAC3C-4B20-46E5-A8C7-950B7E1DB5E9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:iphone_os:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E96F77DD-0962-4E55-97A2-9BC2FE01D8A8"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://it.slashdot.org/comments.pl?sid=4821073&cid=46310187",
      "source": "product-security@apple.com"
    },
    {
      "url": "http://support.apple.com/kb/HT6146",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://support.apple.com/kb/HT6147",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://support.apple.com/kb/HT6148",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://support.apple.com/kb/HT6150",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://news.ycombinator.com/item?id=7281378",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-23.html",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://www.cs.columbia.edu/~smb/blog/2014-02/2014-02-24.html",
      "source": "product-security@apple.com"
    },
    {
      "url": "https://www.imperialviolet.org/2014/02/22/applebug.html",
      "source": "product-security@apple.com",
      "tags": [
        "Exploit"
      ]
    }
  ]
}