DEPRECATED: Code

CVE-2015-5887

High

10/10

Summary

The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

CWE-17 - DEPRECATED: Code

This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.

References

Advisory Timeline

Published Oct 09, 2015

DEPRECATED: Code

CVE-2015-5887

Summary

CWE-17 - DEPRECATED: Code

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS