CVE-2021-30895 — Apple IOS AND Ipados vulnerability

8 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 43.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple IOS AND Ipados Apple Macos Apple Ipados +7 more

Timeline

PublishedAug 24

Latest updateDec 13

Description

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.0.2 and iPadOS 15.0.2, tvOS 15.1, watchOS 8.1, macOS Monterey 12.0.1. A malicious application may be able to access information about a user's contacts.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages13 packages

▶Appleapple/macos_monterey12.0.1

▶NVDapple/tvos< 15.1

▶CVEListV5apple/macosunspecified — 12.0+2

▶NVDapple/macos11.0 — 11.6.2+1

▶NVDapple/ipados< 15.1

🔴Vulnerability Details

VulnCheck

iOS, iPadOS, tvOS, watchOS, and macOS Monterey App User Contact Information Disclosure Vulnerability↗2021

▶

📋Vendor Advisories

Apple

CVE-2021-30895: macOS Big Sur 11.6.2↗2021-12-13

▶

Apple

CVE-2021-30895: iOS 15.1 and iPadOS 15.1↗2021-10-25

▶

Apple

CVE-2021-30895: tvOS 15.1↗2021-10-25

▶

Apple

CVE-2021-30895: watchOS 8.1↗2021-10-25

▶

Apple

CVE-2021-30895: macOS Monterey 12.0.1↗2021-10-25

▶