CVE-2015-6999 - Vulnerability Details - OpenCVE

The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Iphone Os

Configuration 1 [-]

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html
http://www.securityfocus.com/bid/77268
http://www.securitytracker.com/id/1033929
https://support.apple.com/HT205370

History

No history.

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2015-10-23T10:00:00

Updated: 2024-08-06T07:36:35.181Z

Reserved: 2015-09-16T00:00:00

Link: CVE-2015-6999

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-10-23T10:59:08.413

Modified: 2024-11-21T02:36:01.240

Link: CVE-2015-6999

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-22T18:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"name": "APPLE-SA-2015-10-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/HT205370"}, {"name": "1033929", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033929"}, {"name": "77268", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/77268"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2015-6999", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2015-10-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"}, {"name": "https://support.apple.com/HT205370", "refsource": "CONFIRM", "url": "https://support.apple.com/HT205370"}, {"name": "1033929", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033929"}, {"name": "77268", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77268"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:36:35.181Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2015-10-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/HT205370"}, {"name": "1033929", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033929"}, {"name": "77268", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/77268"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2015-6999", "datePublished": "2015-10-23T10:00:00", "dateReserved": "2015-09-16T00:00:00", "dateUpdated": "2024-08-06T07:36:35.181Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "80183356-E606-44CE-A2FB-584154EA6B7E", "versionEndIncluding": "9.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote attackers to spoof a valid certificate by leveraging access to a revoked certificate."}, {"lang": "es", "value": "El cliente OCSP en Apple iOS en versiones anteriores a 9.1 no verifica el vencimiento del certificado, lo que permite a atacantes remotos falsificar un certificado v\u00e1lido aprovechando el acceso a un certificado revocado."}], "id": "CVE-2015-6999", "lastModified": "2024-11-21T02:36:01.240", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-10-23T10:59:08.413", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"}, {"source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/77268"}, {"source": "product-security@apple.com", "url": "http://www.securitytracker.com/id/1033929"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT205370"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/77268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033929"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT205370"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}