CVE-2019-8698

Опубликовано: 18 дек. 2019

Источник: nvd

CVSS3: 3.3

CVSS2: 4.3

EPSS Низкий

Описание

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in iOS 12.4, tvOS 12.4. A malicious application may be able to restrict access to websites.

Ссылки

https://support.apple.com/HT210346
Vendor Advisory
https://support.apple.com/HT210351
Vendor Advisory
https://support.apple.com/HT210346
Vendor Advisory
https://support.apple.com/HT210351
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 12.4 (исключая)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Версия до 12.4 (исключая)

EPSS

Процентиль: 48%

0.00252

Низкий

3.3 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-24c7-89jw-rm65

github

больше 3 лет назад