CVE-2018-4185

Published: Jan 11, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.

Affected (4)

Products: Apple: Iphone Os, Mac Os X, Tvos, Watchos

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 11.3
Apple Mac Os X	Before 10.13.4
Apple Tvos	Before 11.3
Apple Watchos	Before 4.3

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

https://support.apple.com/HT208692

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT208693

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT208696

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT208698

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/HT208692

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT208693

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT208696

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/HT208698

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.