CVE-2015-1110Sensitive Information Exposure in Apple Iphone OS

CWE-200Sensitive Information Exposure4 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.7%
top 27.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple Iphone OSApple TvosApple TV+1 more
Timeline
PublishedApr 10
Latest updateMay 14

Description

The Podcasts component in Apple iOS before 8.3 and Apple TV before 7.2 allows remote attackers to discover unique identifiers by reading asset-download request data.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

NVDapple/tvos7.1
Appleapple/ios8.3
Appleapple/apple_tv7.2

🔴Vulnerability Details

1
GHSA
GHSA-h785-h868-2c9h: The Podcasts component in Apple iOS before 82022-05-14

📋Vendor Advisories

2
Apple
CVE-2015-1110: Apple TV 7.2
Apple
CVE-2015-1110: iOS 8.3