CVE-2009-2794
Published Sep 10, 2009
Last updated 7 years ago
Overview
- Description
- The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-362
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A66D6DC-9A48-4BD6-9E01-0D9FF388457C"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C59B8C50-BF5D-4E9A-8E5B-99B34E974B5A"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D4CE4199-BBF5-4F42-8BBC-BD946079C912"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34346F55-4972-427B-8F96-780FA91DB95D"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE65CA8B-68CB-428C-AC32-6F9100F9E507"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD136376-331D-494F-9D12-7E631546E8CB"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F07B3FE7-96B3-493A-A230-5642BA11FBDA"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F"
}
],
"operator": "OR"
}
]
}
]