Vulnerability: Cryptographic Protection Bypass in iOS Profiles Component

Vulnerability: Cryptographic Protection Bypass in iOS Profiles Component

CVE-2017-2380 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the Simple Certificate Enrollment Protocol (SCEP) implementation in the "Profiles" component. It allows remote attackers to bypass cryptographic protection mechanisms by leveraging DES support.

Learn more about our Cis Benchmark Audit For Apple Ios.