CVE-2020-9981 - Vulnerability Details

Vendors	Products
Apple	Icloud Ipados Iphone Os Itunes Mac Os X Tvos Watchos

Link	Providers
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211849
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "tvOS", "vendor": "Apple", "versions": [{"lessThan": "14.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "watchOS", "vendor": "Apple", "versions": [{"lessThan": "7.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "10.15", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "14.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "11.5", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "12.10", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Processing a maliciously crafted file may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-12-08T19:28:42", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211849"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211843"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211850"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211844"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211935"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT211952"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2020-9981", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "14.0"}]}}, {"product_name": "watchOS", "version": {"version_data": [{"version_affected": "<", "version_value": "7.0"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "10.15"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "14.0"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "11.5"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.10"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing a maliciously crafted file may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/en-us/HT211849", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211849"}, {"name": "https://support.apple.com/en-us/HT211843", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211843"}, {"name": "https://support.apple.com/en-us/HT211850", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211850"}, {"name": "https://support.apple.com/en-us/HT211844", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211844"}, {"name": "https://support.apple.com/en-us/HT211935", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211935"}, {"name": "https://support.apple.com/en-us/HT211952", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT211952"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T10:50:57.410Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211849"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211843"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211850"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211844"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211935"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT211952"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2020-9981", "datePublished": "2020-12-08T19:28:42", "dateReserved": "2020-03-02T00:00:00", "dateUpdated": "2024-08-04T10:50:57.410Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : tvOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 14.0 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

1 : { »

product : watchOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 7.0 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

2 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 10.15 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

3 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 14.0 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

4 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 11.5 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

5 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 12.10 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Processing a maliciously crafted file may lead to arbitrary code execution (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-12-08T19:28:42 (string)

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211849 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211843 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211850 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211844 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211935 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT211952 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : product-security@apple.com (string)

ID : CVE-2020-9981 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : tvOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 14.0 (string)

}

]

}

1 : { »

product_name : watchOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 7.0 (string)

}

]

}

2 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 10.15 (string)

}

]

}

3 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 14.0 (string)

}

]

}

4 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 11.5 (string)

}

]

}

5 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 12.10 (string)

}

]

}

]

}

vendor_name : Apple (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Processing a maliciously crafted file may lead to arbitrary code execution (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.apple.com/en-us/HT211849 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211849 (string)

}

1 : { »

name : https://support.apple.com/en-us/HT211843 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211843 (string)

}

2 : { »

name : https://support.apple.com/en-us/HT211850 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211850 (string)

}

3 : { »

name : https://support.apple.com/en-us/HT211844 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211844 (string)

}

4 : { »

name : https://support.apple.com/en-us/HT211935 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211935 (string)

}

5 : { »

name : https://support.apple.com/en-us/HT211952 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT211952 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T10:50:57.410Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211849 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211843 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211850 (string)

}

3 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211844 (string)

}

4 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211935 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT211952 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

assignerShortName : apple (string)

cveId : CVE-2020-9981 (string)

datePublished : 2020-12-08T19:28:42 (string)

dateReserved : 2020-03-02T00:00:00 (string)

dateUpdated : 2024-08-04T10:50:57.410Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*", "matchCriteriaId": "5AD2710B-E1DB-4D6C-9A0E-1EC033AEC709", "versionEndExcluding": "11.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*", "matchCriteriaId": "82AF1567-8217-464E-896E-874EBB0FE463", "versionEndExcluding": "12.10.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "10CC9ED4-9AE1-415A-94FF-60CB209506CA", "versionEndExcluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "16AF4D2F-3C55-4DCC-A253-3F8CB4F453EF", "versionEndExcluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF8C1CB5-DACB-449C-9E07-E477142C589F", "versionEndExcluding": "10.15.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D16EC4D-D2E7-476D-BFBC-3703C8F0B45E", "versionEndExcluding": "14.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "C117BCCF-7789-40BB-AD25-1E712F6DCF7C", "versionEndExcluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution."}, {"lang": "es", "value": "Se abord\u00f3 un uso de la memoria previamente liberada con una administraci\u00f3n de la memoria mejorada. Este problema se corrigi\u00f3 en watchOS versi\u00f3n 7.0, iOS versi\u00f3n 14.0 e iPadOS versi\u00f3n 14.0, iTunes para Windows versi\u00f3n 12.10.9, iCloud para Windows versi\u00f3n 11.5, tvOS versi\u00f3n 14.0, macOS Catalina versi\u00f3n 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Un procesamiento de un archivo malicioso puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitraria"}], "id": "CVE-2020-9981", "lastModified": "2024-11-21T05:41:38.283", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-12-08T20:15:17.793", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211843"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211844"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211849"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211850"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211935"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211843"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211849"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211850"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211935"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT211952"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:* (string)

matchCriteriaId : 5AD2710B-E1DB-4D6C-9A0E-1EC033AEC709 (string)

versionEndExcluding : 11.5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:* (string)

matchCriteriaId : 82AF1567-8217-464E-896E-874EBB0FE463 (string)

versionEndExcluding : 12.10.9 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 10CC9ED4-9AE1-415A-94FF-60CB209506CA (string)

versionEndExcluding : 14.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 16AF4D2F-3C55-4DCC-A253-3F8CB4F453EF (string)

versionEndExcluding : 14.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EF8C1CB5-DACB-449C-9E07-E477142C589F (string)

versionEndExcluding : 10.15.7 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0D16EC4D-D2E7-476D-BFBC-3703C8F0B45E (string)

versionEndExcluding : 14.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C117BCCF-7789-40BB-AD25-1E712F6DCF7C (string)

versionEndExcluding : 7.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted file may lead to arbitrary code execution. (string)

}

1 : { »

lang : es (string)

value : Se abordó un uso de la memoria previamente liberada con una administración de la memoria mejorada. Este problema se corrigió en watchOS versión 7.0, iOS versión 14.0 e iPadOS versión 14.0, iTunes para Windows versión 12.10.9, iCloud para Windows versión 11.5, tvOS versión 14.0, macOS Catalina versión 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Un procesamiento de un archivo malicioso puede conllevar a una ejecución de código arbitraria (string)

}

]

id : CVE-2020-9981 (string)

lastModified : 2024-11-21T05:41:38.283 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 9.3 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:M/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-12-08T20:15:17.793 (string)

references : [ »

0 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211843 (string)

}

1 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211844 (string)

}

2 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211849 (string)

}

3 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211850 (string)

}

4 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211935 (string)

}

5 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211952 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211843 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211844 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211849 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211850 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211935 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT211952 (string)

}

]

sourceIdentifier : product-security@apple.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object