CVE-2017-7079
published 2017-10-23CVE-2017-7079: An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCHINAN
An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | itunes | <= 12.6.2 | — |
| apple | itunes | — | — |
GHSA
GHSA-wg6f-8qgj-cpw7: An issue was discovered in certain Apple products
ghsa_unreviewed·2022-05-13
CVE-2017-7079 [MEDIUM] CWE-552 GHSA-wg6f-8qgj-cpw7: An issue was discovered in certain Apple products
An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app.
Apple
CVE-2017-7079: iTunes 12.7
vendor_apple·2017-09-12·CVSS 5.5
CVE-2017-7079 [MEDIUM] CVE-2017-7079: iTunes 12.7
Apple Security Update: About the security content of iTunes 12.7
Product: iTunes
Version: 12.7
CVE: CVE-2017-7079
Component: Data Sync
Impact: An application may be able to access iOS backups performed through iTunes
Description: An access control issue was addressed by restricting access to iOS backups to iTunes.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-10-23
Published