← Back

CVE-2019-8702

nvd nist
Published: Dec 23, 2021Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier.

Affected (23)

Apple
3 products
Iphone Os
Mac Os X
Tvos
Configuration A
23 vulnerable
Vulnerable SoftwareAffected Versions
Iphone Os
Before 12.4
Apple
Mac Os X
Before 10.14.6
Mac Os X
From 10.12 to 10.12.6
Mac Os X
From 10.13 to 10.13.6
Mac Os X
Version 10.12.6
Mac Os X
Version 10.12.6 security_update_2017-001
Mac Os X
Version 10.12.6 security_update_2017-002
Mac Os X
Version 10.12.6 security_update_2018-001
Mac Os X
Version 10.12.6 security_update_2018-002
Mac Os X
Version 10.12.6 security_update_2018-003
Mac Os X
Version 10.12.6 security_update_2018-004
Mac Os X
Version 10.12.6 security_update_2018-005
Mac Os X
Version 10.12.6 security_update_2018-006
Mac Os X
Version 10.12.6 security_update_2019-001
Mac Os X
Version 10.12.6 security_update_2019-002
Mac Os X
Version 10.12.6 security_update_2019-003
Mac Os X
Version 10.13.6
Mac Os X
Version 10.13.6 security_update_2018-002
Mac Os X
Version 10.13.6 security_update_2018-003
Mac Os X
Version 10.13.6 security_update_2019-001
Mac Os X
Version 10.13.6 security_update_2019-002
Mac Os X
Version 10.13.6 security_update_2019-003
Tvos
Before 12.4

Related CWEs

CWE-668
Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References (6)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.