Lucene search

[email protected]CVE-2018-4398

HistoryApr 03, 2019 - 6:29 p.m.

CVE-2018-4398

2019-04-0318:29:13

CWE-20

[email protected]

web.nvd.nist.gov

cve-2018-4398

information security

prime numbers

ios

macos

tvos

watchos

itunes

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.6%

JSON

An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

Affected configurations

Vulners

NVD

Node

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤12.1

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤10.14.1

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤12.1

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤5.1

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤12.9.1

n\/aios\,_macos\,_tvos\,_watchos\,_itunes_for_windows\,_icloud_for_windowsRange≤7.8

CPENameOperatorVersion
apple:iphone_osapple iphone oslt12.1
apple:mac_os_xapple mac os xlt10.14.1
apple:tvosapple tvoslt12.1
apple:watchosapple watchoslt5.1

CPE	Name	Operator	Version
apple:iphone_os	apple iphone os	lt	12.1
apple:mac_os_x	apple mac os x	lt	10.14.1
apple:tvos	apple tvos	lt	12.1
apple:watchos	apple watchos	lt	5.1

CNA Affected

[
  {
    "product": "iOS, macOS, tvOS, watchOS,  iTunes for Windows, iCloud for Windows",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to: iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8"
      }
    ]
  }
]

References

support.apple.com/kb/HT209192

support.apple.com/kb/HT209193

support.apple.com/kb/HT209194

support.apple.com/kb/HT209195

support.apple.com/kb/HT209197

support.apple.com/kb/HT209198

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.6%

JSON

Related for CVE-2018-4398

nvd1 cvelist1 prion1 apple12 nessus6 openvas2 kaspersky1