Improper Host Identification in CFNetwork Allows Information Disclosure
CVE-2012-3724 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
CFNetwork in Apple iOS before 6 does not properly identify the host portion of a URL, which allows remote attackers to obtain sensitive information by leveraging the construction of an HTTP request with an incorrect hostname derived from a malformed URL.
Learn more about our Cis Benchmark Audit For Apple Ios.