Lucene search
AppleCVE-2022-32836HistoryFeb 27, 2023 - 8:15 p.m.
CVE-2022-32836
2023-02-2720:15:11
apple
web.nvd.nist.gov
30
cve-2022-32836
issue fix
security update
data access
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
51.7%
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
Affected configurations
Node
applemusicMatch3.9.10android
CNA Affected
[
{
"vendor": "Apple",
"product": "Apple Music for Android",
"versions": [
{
"version": "unspecified",
"lessThan": "3.9",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Related
nvd
nvd
CVE-2022-32836
2023-02-27 20:15:11
prion
prion
Information disclosure
2023-02-27 20:15:00
cvelist
cvelist
CVE-2022-32836
2023-02-27 00:00:00
apple
apple
About the security content of Apple Music 3.9.10 for Android
2022-06-14 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
High
EPSS
0.002
Percentile
51.7%
Related for CVE-2022-32836