Kaspersky LabKLA11579KLA11579 Multiple vulnerabilities in Apple iCloud
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%
Detect date:
09/07/2019
Severity:
Critical
Description:
Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack.
Affected products:
Apple iCloud earlier than 7.14
Apple iCloud earlier than 10.7
Solution:
Update to the latest version
Download iCloud
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2019-87266.8High
CVE-2019-87336.8High
CVE-2019-87076.8High
CVE-2019-87194.3Warning
CVE-2019-87456.8High
CVE-2019-86254.3Warning
CVE-2019-87356.8High
CVE-2019-87636.8High
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8625
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8707
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8719
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8763
statistics.securelist.com/vulnerability-scan/month
support.apple.com/en-us/HT204283
support.apple.com/en-us/HT210636
support.apple.com/en-us/HT210637
threats.kaspersky.com/en/product/Apple-iCloud/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.4%