CVE-2019-8834
A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.
Published
2020-10-27T20:15:20.597
Last Modified
2024-11-21T04:50:34.033
Status
Modified
Source
[email protected]
Severity
CVSSv3.1: 4.3 (MEDIUM)
CVSSv2 Vector
AV:N/AC:L/Au:S/C:N/I:P/A:N
- Access Vector: NETWORK
- Access Complexity: LOW
- Authentication: SINGLE
- Confidentiality Impact: NONE
- Integrity Impact: PARTIAL
- Availability Impact: NONE
Exploitability Score
8.0
Impact Score
2.9
Weaknesses
-
Type: Primary
NVD-CWE-noinfo
Affected Vendors & Products
References
-
https://support.apple.com/en-us/HT210785
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210788
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210789
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210790
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210793
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210794
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210795
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/en-us/HT210785
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210788
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210789
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210790
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210793
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210794
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/en-us/HT210795
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)