exploitDog

CVE-2018-4168

Опубликовано: 03 апр. 2018

Источник: nvd

CVSS3: 4.6

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Files Widget" component. It allows physically proximate attackers to obtain sensitive information by leveraging the display of cached data on a locked device.

Ссылки

http://www.securityfocus.com/bid/103578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040604
Third Party Advisory
VDB Entry
https://support.apple.com/HT208693
Vendor Advisory
http://www.securityfocus.com/bid/103578
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1040604
Third Party Advisory
VDB Entry
https://support.apple.com/HT208693
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 11.3 (исключая)

EPSS

Процентиль: 27%

0.00095

Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-g7xw-3mfx-2m42

CVSS3: 4.6

github

больше 3 лет назад

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Files Widget" component. It allows physically proximate attackers to obtain sensitive information by leveraging the display of cached data on a locked device.

EPSS

Процентиль: 27%

0.00095

Низкий

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200