Network Traffic Interception Vulnerability in Apple Music for Android
CVE-2023-32427

5.9MEDIUM

Key Information:

Vendor: Apple
Status: Apple Music For Android
Vendor: CVE Published:; 28 July 2023

What is CVE-2023-32427?

A network security vulnerability has been identified in Apple Music for Android, allowing an attacker with privileged access to intercept sensitive network traffic. This flaw, resolved in version 4.2.0, emphasizes the importance of using HTTPS to safeguard data transmitted over the internet. Users are encouraged to update to the latest version to ensure their data remains secure.

Affected Version(s)

Apple Music for Android < 4.2

References

https://support.apple.com/en-us/HT213833

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 28, 2023
Vulnerability Reserved
May 8, 2023