6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
70.6%
04/22/2021
Warning
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, obtain sensitive information.
Apple iTunes earlier than 12.11.3
Update to the latest version
Download iTunes
About the security content of iTunes 12.11.3 for Windows
OSI
CVE-2021-18116.5High
CVE-2021-18576.5High
CVE-2021-18256.1High
CVE-2020-74635.5High
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1825
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1857
statistics.securelist.com/vulnerability-scan/month
support.apple.com/kb/HT212319
threats.kaspersky.com/en/product/Apple-iTunes/
www.apple.com/itunes/download/
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
6.7 Medium
AI Score
Confidence
High
4.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
70.6%