CVE-2020-9982

2020-10-2720:53:09

apple

www.cve.org

cve-2020-9982

apple music

android

unauthorized actions

user credentials

AI Score

4.3

Confidence

High

EPSS

0.001

Percentile

29.0%

JSON

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicious application may be able to leak a user’s credentials.

CNA Affected

[
  {
    "product": "Apple Music for Android",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "3.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT211898