Bypassing Single-Cookie Restriction in CFNetwork Cookies Subsystem in Apple iOS

Bypassing Single-Cookie Restriction in CFNetwork Cookies Subsystem in Apple iOS

CVE-2015-3801 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors.

Learn more about our Cis Benchmark Audit For Apple Ios.