CVE-2017-7164: Input Validation
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. The issue involves the "App Store" component. It allows man-in-the-middle attackers to spoof password prompts.
Other sources
App Store. An input validation issue was addressed through improved input validation.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-7164
- CVE-2017-13905
- CVE-2017-7172
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-7162
- CVE-2017-13861
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-13876
- CVE-2017-7173
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13885
- CVE-2017-7165
- CVE-2017-13884
- CVE-2017-7153
- CVE-2017-7156
- CVE-2017-7157
- CVE-2017-13856
- CVE-2017-13870
- CVE-2017-7160
- CVE-2017-13866
- CVE-2017-13080
- CVE-2017-2411
- CVE-2017-13847
- CVE-2017-13879
- CVE-2017-13880
- CVE-2017-13874
- CVE-2017-13860
- CVE-2017-7152
- CVE-2017-13888
- CVE-2017-13891
Frequently Asked Questions
What is CVE-2017-7164 vulnerability?
CVE-2017-7164 is an input validation issue in the App Store component on Apple products, allowing man-in-the-middle attackers to spoof password prompts.
Which Apple products are affected by CVE-2017-7164?
iOS before version 11.2 and tvOS before version 11.2 are affected by CVE-2017-7164.
How can I fix the CVE-2017-7164 vulnerability?
Update your iOS or tvOS to version 11.2 or later to fix the CVE-2017-7164 vulnerability.
What is the severity of the CVE-2017-7164 vulnerability?
The CVE-2017-7164 vulnerability has a severity rating of 5.9 (medium).
Where can I find more information about CVE-2017-7164?
You can find more information about CVE-2017-7164 on Apple's support website: [link](https://support.apple.com/HT208327)