First published: Thu Mar 24 2016(Updated: )
Security. Description: This issue was addressed by removing RC4.
Credit: Pepi Zawodsky Pepi Zawodsky Pepi Zawodsky Pepi Zawodsky product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X Server | <=5.0.15 | |
Apple tvOS | <12 | 12 |
Apple macOS Mojave | <10.14 | 10.14 |
Apple watchOS | <5 | 5 |
Apple iOS | <12 | 12 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID for this issue is CVE-2016-1777.
CVE-2016-1777 has a severity rating of 7.5 (high).
The affected products include Apple tvOS up to version 12, Apple iOS up to version 12, Apple macOS Mojave up to version 10.14, Apple Mac OS X Server up to version 5.0.15, and Apple watchOS up to version 5.
CVE-2016-1777 allows remote attackers to defeat cryptographic protection mechanisms on web servers that use RC4 algorithm.
To mitigate CVE-2016-1777, update your Apple products to the recommended versions mentioned in the Apple support documentation.