CVE-2019-8570

6.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS; TV OS; Safari; Itunes For Windows
Vendor: CVE Published:; 27 October 2020

Summary

A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information.

Affected Version(s)

iCloud for Windows < 7.10

iOS < 12.1

iTunes for Windows < 12.9

References

https://support.apple.com/en-us/HT209443

x_refsource_MISC

https://support.apple.com/en-us/HT209447

x_refsource_MISC

https://support.apple.com/en-us/HT209449

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2020
Vulnerability Reserved
Feb 18, 2019

.