CVE-2016-1730

MEDIUM

iPhone OS < 9.2 - Cookie Manipulation via Crafted Captive Portal

Title source: llm
STIX 2.1

Description

WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by operating a crafted captive portal.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034737
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT205732

Scores

CVSS v3 5.4
EPSS 0.0127
EPSS Percentile 66.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Details

CWE
CWE-19 CWE-200
Status published
Products (1)
apple/iphone_os < 9.2
Published Feb 01, 2016
Tracked Since Feb 18, 2026