CVE-2018-4293Improper Input Validation in Apple Icloud

CWE-20Improper Input Validation9 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.6%
top 31.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IcloudApple Iphone OSApple Itunes+3 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

NVDapple/tvos< 11.4.1
NVDapple/icloud< 7.6
NVDapple/itunes< 12.8
NVDapple/watchos< 4.3.2
NVDapple/mac_os_x< 10.13.6

🔴Vulnerability Details

2
GHSA
GHSA-w67j-3f4j-998m: A cookie management issue was addressed with improved checks2022-05-14
CVEList
CVE-2018-4293: A cookie management issue was addressed with improved checks2019-04-03

📋Vendor Advisories

6
Apple
CVE-2018-4293: iOS 11.4.12018-07-09
Apple
CVE-2018-4293: iCloud for Windows 7.62018-07-09
Apple
CVE-2018-4293: watchOS 4.3.22018-07-09
Apple
CVE-2018-4293: iTunes 12.8 for Windows2018-07-09
Apple
CVE-2018-4293: tvOS 11.4.12018-07-09
CVE-2018-4293 — Improper Input Validation in Apple | cvebase