Multiple User Account Cookie Bypass Vulnerability in Apple iOS

Multiple User Account Cookie Bypass Vulnerability in Apple iOS

CVE-2011-3257 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The Data Access component in Apple iOS before 5 does not properly handle the existence of multiple user accounts on the same mail server, which allows local users to bypass intended access restrictions in opportunistic circumstances by leveraging a different account's cookie.

Learn more about our Cis Benchmark Audit For Apple Ios.