The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-06-19T16:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2009-05-20T00:00:00
Link: CVE-2009-1679
JSON object: View
NVD Information
Status : Modified
Published: 2009-06-19T16:30:00.327
Modified: 2022-08-09T13:48:58.777
Link: CVE-2009-1679
JSON object: View
Redhat Information
No data.
CWE