Lucene search

[email protected]NVD:CVE-2019-8762

HistoryOct 27, 2020 - 8:15 p.m.

CVE-2019-8762

2020-10-2720:15:19

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.

Affected configurations

Nvd

Node

appleicloudRange<7.14windows

appleicloudRange10.0–10.7windows

appleitunesRange<12.10.1windows

applesafariRange<13.0.1

appleipad_osRange<13.1

appleiphone_osRange<13.1

appletvosRange<13

References

support.apple.com/en-us/HT210603

support.apple.com/en-us/HT210604

support.apple.com/en-us/HT210605

support.apple.com/en-us/HT210635

support.apple.com/en-us/HT210636

support.apple.com/en-us/HT210637

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

Related for NVD:CVE-2019-8762

cve1 prion1 cvelist1 apple12 kaspersky2