CVE-2017-2411: Medium severity apple ios and ipados vulnerability
Calculator. Exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
Other sources
In iOS before 11.2, exchange rates were retrieved from HTTP rather than HTTPS. This was addressed by enabling HTTPS for exchange rates.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-7164
- CVE-2017-13905
- CVE-2017-2411
- CVE-2017-7172
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-13847
- CVE-2017-7162
- CVE-2017-13879
- CVE-2017-13861
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-13876
- CVE-2017-7173
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13880
- CVE-2017-13874
- CVE-2017-13860
- CVE-2017-7152
- CVE-2017-13888
- CVE-2017-13891
- CVE-2017-13885
- CVE-2017-7165
- CVE-2017-13884
- CVE-2017-7153
- CVE-2017-7156
- CVE-2017-7157
- CVE-2017-13856
- CVE-2017-13870
- CVE-2017-7160
- CVE-2017-13866
- CVE-2017-13080
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2017-2411.
What is the severity of CVE-2017-2411?
The severity of CVE-2017-2411 is medium, with a severity value of 5.9.
What is the affected software?
The affected software is Apple iOS up to version 11.2.
How was this vulnerability addressed?
This vulnerability was addressed by enabling HTTPS for exchange rates in iOS 11.2.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability in the following references: [Apple Support - HT208334](https://support.apple.com/HT208334) and [Apple Support - HT208334 (en-US)](https://support.apple.com/en-us/HT208334).