CVE-2018-4400Improper Input Validation in Apple Watchos

CWE-20Improper Input Validation5 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 59.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple MAC OS XApple Watchos+2 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

NVDapple/watchos< 5.1
NVDapple/mac_os_x< 10.14.1
Appleapple/watchos5.1
NVDapple/iphone_os< 12.1

🔴Vulnerability Details

1
GHSA
GHSA-g8pr-ghvw-pp9m: A validation issue was addressed with improved logic2022-05-14

📋Vendor Advisories

3
Apple
CVE-2018-4400: watchOS 5.12018-10-30
Apple
CVE-2018-4400: iOS 12.12018-10-30
Apple
CVE-2018-4400: macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra2018-10-30