Lucene search

[email protected]CVE-2011-1418

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-1418

2022-10-0316:15:09

CWE-200

[email protected]

web.nvd.nist.gov

ipv6

slaac

vulnerability

apple ios

apple tv

cve-2011-1418

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.2%

JSON

The stateless address autoconfiguration (aka SLAAC) functionality in the IPv6 networking implementation in Apple iOS before 4.3 and Apple TV before 4.2 places the MAC address into the IPv6 address, which makes it easier for remote IPv6 servers to track users by logging source IPv6 addresses.

Affected configurations

NVD

Node

appleiphone_osRange≤4.2

appleiphone_osMatch1.0.0

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.0

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

appleiphone_osMatch1.1.3

appleiphone_osMatch1.1.4

appleiphone_osMatch1.1.5

appleiphone_osMatch2.0

appleiphone_osMatch2.0.0

appleiphone_osMatch2.0.1

appleiphone_osMatch2.0.2

appleiphone_osMatch2.1

appleiphone_osMatch2.1.1

appleiphone_osMatch2.2

appleiphone_osMatch2.2.1

appleiphone_osMatch3.0

appleiphone_osMatch3.0.1

appleiphone_osMatch3.1

appleiphone_osMatch3.1.2

appleiphone_osMatch3.1.3

appleiphone_osMatch3.2

appleiphone_osMatch3.2.1

appleiphone_osMatch3.2.2

appleiphone_osMatch4.0

appleiphone_osMatch4.0.1

appleiphone_osMatch4.0.2

appleiphone_osMatch4.1

Node

appleapple_tvMatch4.0

appletvosRange≤3.0.2

appletvosMatch1.0.0

appletvosMatch1.1.0

appletvosMatch2.0.0

appletvosMatch2.0.1

appletvosMatch2.0.2

appletvosMatch2.1.0

CPENameOperatorVersion
apple:iphone_osapple iphone osle4.2
apple:iphone_osapple iphone oseq1.0.0
apple:iphone_osapple iphone oseq1.0.1
apple:iphone_osapple iphone oseq1.0.2
apple:iphone_osapple iphone oseq1.1.0
apple:iphone_osapple iphone oseq1.1.1
apple:iphone_osapple iphone oseq1.1.2
apple:iphone_osapple iphone oseq1.1.3
apple:iphone_osapple iphone oseq1.1.4
apple:iphone_osapple iphone oseq1.1.5

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	le	4.2
apple:iphone_os	apple iphone os	eq	1.0.0
apple:iphone_os	apple iphone os	eq	1.0.1
apple:iphone_os	apple iphone os	eq	1.0.2
apple:iphone_os	apple iphone os	eq	1.1.0
apple:iphone_os	apple iphone os	eq	1.1.1
apple:iphone_os	apple iphone os	eq	1.1.2
apple:iphone_os	apple iphone os	eq	1.1.3
apple:iphone_os	apple iphone os	eq	1.1.4
apple:iphone_os	apple iphone os	eq	1.1.5

Rows per page:

1-10 of 301

References

lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

lists.apple.com/archives/security-announce/2011//Mar/msg00005.html

support.apple.com/kb/HT4564

support.apple.com/kb/HT4565

Social References

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.9 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.2%

JSON

Related for CVE-2011-1418

nvd1 prion1 cvelist1