VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 14, 2011· Updated Apr 29, 2026

CVE-2011-3427

CVE-2011-3427

Description

The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.

Affected products

33
  • Apple Inc./Apple Tv4 versions
    cpe:2.3:a:apple:apple_tv:4.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:apple:apple_tv:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_tv:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_tv:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:apple_tv:4.3:*:*:*:*:*:*:*
  • Apple Inc./Iphone Os29 versions
    cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*+ 28 more
    • cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.2:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.3:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:-:ipad:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:-:ipodtouch:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.