Vulnerability Details : CVE-2015-3728
The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area.
Exploit prediction scoring system (EPSS) score for CVE-2015-3728
Probability of exploitation activity in the next 30 days: 0.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 45 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-3728
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.8
|
MEDIUM | AV:A/AC:L/Au:N/C:P/I:P/A:N |
6.5
|
4.9
|
NIST |
CWE ids for CVE-2015-3728
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-3728
-
http://www.securityfocus.com/bid/75490
Apple iOS APPLE-SA-2015-06-30-1 Multiple Security Vulnerabilities
-
http://support.apple.com/kb/HT204941
About the security content of iOS 8.4 - Apple SupportVendor Advisory
-
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html
Apple - Lists.apple.comVendor Advisory
-
http://www.securitytracker.com/id/1032761
Apple iOS Flaws Let Remote Users Deny Service and Execute Arbitrary Code - SecurityTracker
Products affected by CVE-2015-3728
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*