Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-2493

Опубликовано: 03 апр. 2018
Источник: nvd
CVSS3: 6.5
CVSS2: 4.3
EPSS Низкий

Описание

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted elements on a web site.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Версия до 10.1 (исключая)
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Версия до 10.3 (исключая)
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Версия до 10.2 (исключая)
Конфигурация 2

Одновременно

cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
Версия до 6.2 (исключая)
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 51%
0.00281
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-223w-gw69-mqfh

CVSS3: 6.5
github
около 3 лет назад

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted elements on a web site.

EPSS

Процентиль: 51%
0.00281
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200