Lucene search

[email protected]CVE-2015-5916

HistorySep 18, 2015 - 12:00 p.m.

CVE-2015-5916

2015-09-1812:00:00

CWE-200

[email protected]

web.nvd.nist.gov

apple

ios

cve-2015-5916

security vulnerability

information leakage

apple pay

nvd

5.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-transaction information during payments by leveraging the transaction-log feature.

CPENameOperatorVersion
apple:watchosapple watchosle2.0.0
apple:iphone_osapple iphone osle8.4.1

CPE	Name	Operator	Version
apple:watchos	apple watchos	le	2.0.0
apple:iphone_os	apple iphone os	le	8.4.1

References

lists.apple.com/archives/security-announce/2015/Oct/msg00003.html

lists.apple.com/archives/security-announce/2015/Sep/msg00001.html

lists.apple.com/archives/security-announce/2015/Sep/msg00005.html

www.securityfocus.com/bid/76764

www.securitytracker.com/id/1033609

support.apple.com/HT205212

support.apple.com/HT205213

support.apple.com/HT205378

5.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2015-5916

prion1 threatpost1 securityvulns5