Apple Inc.

Notified:  April 12, 2012 Updated: June 29, 2012

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

    Asavie Technologies Ltd

    Updated:  September 21, 2012

    Status

      Not Affected

    Vendor Statement

    We provide a product called iSimplyConnect,which uses leverages Apple's SCEP client. We are not impacted by this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Cisco Systems, Inc.

    Notified:  April 12, 2012 Updated: June 29, 2012

    Status

      Not Affected

    Vendor Statement

    No statement is currently available from the vendor regarding this vulnerability.

    Vendor Information

    We are not aware of further vendor information regarding this vulnerability.

    Vendor References

      GlobalSign

      Updated:  March 29, 2013

      Status

        Not Affected

      Vendor Statement

      GlobalSign www.globalsign.com utilizes SCEP for certificate delivery to iOS devices. However we have mitigated the vulnerabilities outlined in 971035 by: 1)implementing unique and strong one time PINs to authenticate certificate invitation 2)Utilize unique 1-time SCEP URLs that optionally can be tied to Device ID 3)only allow authorized Enteprise PKI local RAs to register end user identity information using client authentication to access the ePKI portal 4)only issue identity information entered in the ePKI portal regardless of what is included in the CSR. Therefore,GlobalSign believes we are not affected by the vulnerabilities outlined in 971035.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      McAfee

      Notified:  April 12, 2012 Updated: April 12, 2012

      Status

        Unknown

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      Microsoft Corporation

      Notified:  April 05, 2012 Updated: June 29, 2012

      Status

        Not Affected

      Vendor Statement

      No statement is currently available from the vendor regarding this vulnerability.

      Vendor Information

      We are not aware of further vendor information regarding this vulnerability.

      Vendor References

        MobileIron

        Updated:  August 20, 2012

        Status

          Not Affected

        Vendor Statement

        No statement is currently available from the vendor regarding this vulnerability.

        Vendor Information

        We are not aware of further vendor information regarding this vulnerability.

        SilverbackMDM

        Updated:  July 04, 2012

        Status

          Not Affected

        Vendor Statement

        No statement is currently available from the vendor regarding this vulnerability.

        Vendor Information

        We are not aware of further vendor information regarding this vulnerability.

        Vendor References

        Zenprise

        Notified:  April 12, 2012 Updated: June 29, 2012

        Status

          Not Affected

        Vendor Statement

        No statement is currently available from the vendor regarding this vulnerability.

        Vendor Information

        We are not aware of further vendor information regarding this vulnerability.

        Vendor References