CVE-2018-4321
published 2019-04-03CVE-2018-4321: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected…
PriorityP424medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
EPSS
0.28%
51.8th percentile
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 12.0 | 12.0 |
| apple | mac_os_x | < 10.14 | 10.14 |
| apple | macos_mojave | — | — |
| apple | tvos | < 12 | 12 |
| apple | tvos | — | — |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Apple
CVE-2018-4321: macOS Mojave 10.14
vendor_apple·2018-09-24·CVSS 5.3
CVE-2018-4321 [MEDIUM] CVE-2018-4321: macOS Mojave 10.14
Apple Security Update: About the security content of macOS Mojave 10.14
Product: macOS Mojave
Version: 10.14
CVE: CVE-2018-4321
Component: Auto Unlock
Impact: A malicious application may be able to access local users AppleIDs
Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.
Apple
CVE-2018-4321: tvOS 12
vendor_apple·2018-09-17·CVSS 5.3
CVE-2018-4321 [MEDIUM] CVE-2018-4321: tvOS 12
Apple Security Update: About the security content of tvOS 12
Product: tvOS
Version: 12
CVE: CVE-2018-4321
Component: Auto Unlock
Impact: A malicious application may be able to access local users AppleIDs
Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.
Apple
CVE-2018-4321: iOS 12
vendor_apple·2018-09-17·CVSS 5.3
CVE-2018-4321 [MEDIUM] CVE-2018-4321: iOS 12
Apple Security Update: About the security content of iOS 12
Product: iOS
Version: 12
CVE: CVE-2018-4321
Component: Auto Unlock
Impact: A malicious application may be able to access local users AppleIDs
Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.
GHSA
GHSA-2cp8-mv48-5393: A validation issue existed in the entitlement verification
ghsa_unreviewed·2022-05-14
CVE-2018-4321 [MEDIUM] CWE-20 GHSA-2cp8-mv48-5393: A validation issue existed in the entitlement verification
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-04-03
Published