CVE-2021-30997Cleartext Storage of Sensitive Info in Apple IOS AND Ipados

CWE-312Cleartext Storage of Sensitive Info1 documents1 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 64.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple IOS AND IpadosApple IpadosApple Iphone OS
Timeline
PublishedAug 24

Description

A S/MIME issue existed in the handling of encrypted email. This issue was addressed by not automatically loading some MIME parts. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker may be able to recover plaintext contents of an S/MIME-encrypted e-mail.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDapple/ipados< 15.2
CVEListV5apple/ios_and_ipadosunspecified15.2
NVDapple/iphone_os< 15.2
CVE-2021-30997 — Cleartext Storage of Sensitive Info | cvebase