Unrated severityNVD Advisory· Published Oct 14, 2011· Updated Jun 16, 2026
CVE-2011-3427
CVE-2011-3427
Description
The Data Security component in Apple iOS before 5 and Apple TV before 4.4 does not properly restrict use of the MD5 hash algorithm within X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
35cpe:2.3:a:apple:apple_tv:4.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:apple:apple_tv:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:apple_tv:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:apple_tv:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:apple_tv:4.3:*:*:*:*:*:*:*
- (no CPE)range: <4.4
cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*+ 28 more
- cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1.2:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1.3:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.5:-:ipad:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.5:-:ipodtouch:*:*:*:*:*
- Range: <5
Patches
Vulnerability mechanics
References
7- lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlnvdVendor Advisory
- lists.apple.com/archives/Security-announce/2011//Oct/msg00002.htmlnvdVendor Advisory
- support.apple.com/kb/HT4999nvdVendor Advisory
- support.apple.com/kb/HT5001nvdVendor Advisory
- lists.apple.com/archives/security-announce/2013/Oct/msg00004.htmlnvd
- osvdb.org/76326nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/70547nvd
News mentions
0No linked articles in our index yet.