CVE-2019-8702 - Vulnerability Details

Vendors	Products
Apple	Iphone Os Mac Os X Tvos

Link	Providers
https://support.apple.com/en-us/HT210346
https://support.apple.com/en-us/HT210348
https://support.apple.com/en-us/HT210351

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "iOS", "vendor": "Apple", "versions": [{"lessThan": "12.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "10.14", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "macOS", "vendor": "Apple", "versions": [{"lessThan": "12.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier."}], "problemTypes": [{"descriptions": [{"description": "A local user may be able to read a persistent account identifier", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-23T19:48:31", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT210348"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT210346"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/en-us/HT210351"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2019-8702", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "10.14"}]}}, {"product_name": "macOS", "version": {"version_data": [{"version_affected": "<", "version_value": "12.4"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "A local user may be able to read a persistent account identifier"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/en-us/HT210348", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT210348"}, {"name": "https://support.apple.com/en-us/HT210346", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT210346"}, {"name": "https://support.apple.com/en-us/HT210351", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT210351"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T21:24:29.520Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT210348"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT210346"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/en-us/HT210351"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2019-8702", "datePublished": "2021-12-23T19:48:31", "dateReserved": "2019-02-18T00:00:00", "dateUpdated": "2024-08-04T21:24:29.520Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : iOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 12.4 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

1 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 10.14 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

2 : { »

product : macOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : 12.4 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : A local user may be able to read a persistent account identifier (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-12-23T19:48:31 (string)

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT210348 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT210346 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/en-us/HT210351 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : product-security@apple.com (string)

ID : CVE-2019-8702 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : iOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 12.4 (string)

}

]

}

1 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 10.14 (string)

}

]

}

2 : { »

product_name : macOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : 12.4 (string)

}

]

}

]

}

vendor_name : Apple (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : A local user may be able to read a persistent account identifier (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.apple.com/en-us/HT210348 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT210348 (string)

}

1 : { »

name : https://support.apple.com/en-us/HT210346 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT210346 (string)

}

2 : { »

name : https://support.apple.com/en-us/HT210351 (string)

refsource : MISC (string)

url : https://support.apple.com/en-us/HT210351 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T21:24:29.520Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT210348 (string)

}

1 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT210346 (string)

}

2 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/en-us/HT210351 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

assignerShortName : apple (string)

cveId : CVE-2019-8702 (string)

datePublished : 2021-12-23T19:48:31 (string)

dateReserved : 2019-02-18T00:00:00 (string)

dateUpdated : 2024-08-04T21:24:29.520Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "78127EE5-23FE-4C66-B7EE-2CF3E19F0503", "versionEndExcluding": "12.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0E97851-4DFF-4852-A339-183331F4ACBC", "versionEndExcluding": "10.14.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "D01E4F9E-15B1-4470-8FAF-DB5DCD69CA5C", "versionEndExcluding": "10.12.6", "versionStartIncluding": "10.12", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "760AE295-2E39-4DA3-A384-01A5D4A131AD", "versionEndExcluding": "10.13.6", "versionStartIncluding": "10.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:-:*:*:*:*:*:*", "matchCriteriaId": "6536473A-2ECF-4806-AC02-2386552BEAB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2017-001:*:*:*:*:*:*", "matchCriteriaId": "B8EFC700-879E-4C5C-8A21-064114E9D7B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2017-002:*:*:*:*:*:*", "matchCriteriaId": "42D07F77-71D6-4D97-AF3E-157DDFF4C6B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-001:*:*:*:*:*:*", "matchCriteriaId": "FDC975B8-5808-4D2B-A9FF-445A7D7A33FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-002:*:*:*:*:*:*", "matchCriteriaId": "46E55B34-EF29-48F9-8248-CA2CB4960C2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-003:*:*:*:*:*:*", "matchCriteriaId": "21364751-F80E-46BA-AF76-C8B1689F426D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-004:*:*:*:*:*:*", "matchCriteriaId": "60EF4C45-05E2-498C-8245-45871BBF8A3E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-005:*:*:*:*:*:*", "matchCriteriaId": "9E029E9E-E01B-4995-B7FA-286A0C667A54", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-006:*:*:*:*:*:*", "matchCriteriaId": "8F352467-BBDC-4A1A-8BF0-0DA2F762DBFA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-001:*:*:*:*:*:*", "matchCriteriaId": "4353B3DF-2371-4A6F-9FF8-2CC3EF7DC4F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-002:*:*:*:*:*:*", "matchCriteriaId": "A0334DC1-4D8C-448C-84B3-310499118B44", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-003:*:*:*:*:*:*", "matchCriteriaId": "F80F3626-D093-45F4-80A1-3DB1EC94E0F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:*", "matchCriteriaId": "297D2D0C-EA9D-4B2C-9357-D88DB6C7143A", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:*", "matchCriteriaId": "0D845143-1B4D-478B-B83E-8F1664CBCAC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:*", "matchCriteriaId": "23C6DF6A-9A30-4F9E-BD9C-C19D8551C6DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:*", "matchCriteriaId": "754A2DF4-8724-4448-A2AB-AC5442029CB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:*", "matchCriteriaId": "D392C777-1949-4920-B459-D083228E4688", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:*", "matchCriteriaId": "68B0A232-F2A4-4B87-99EB-3A532DFA87DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC281794-DEC0-4C8A-8B92-F8E5D8785EF6", "versionEndExcluding": "12.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier."}, {"lang": "es", "value": "Este problema se abord\u00f3 con una nueva asignaci\u00f3n de derechos. Este problema es corregido en macOS Mojave versi\u00f3n 10.14.6, actualizaci\u00f3n de seguridad 2019-004 High Sierra, actualizaci\u00f3n de seguridad 2019-004 Sierra, iOS versi\u00f3n 12.4, tvOS versi\u00f3n 12.4. Un usuario local puede ser capaz de leer un identificador de cuenta persistente"}], "id": "CVE-2019-8702", "lastModified": "2024-11-21T04:50:19.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-12-23T20:15:08.717", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210346"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210348"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210351"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210348"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT210351"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 78127EE5-23FE-4C66-B7EE-2CF3E19F0503 (string)

versionEndExcluding : 12.4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B0E97851-4DFF-4852-A339-183331F4ACBC (string)

versionEndExcluding : 10.14.6 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D01E4F9E-15B1-4470-8FAF-DB5DCD69CA5C (string)

versionEndExcluding : 10.12.6 (string)

versionStartIncluding : 10.12 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 760AE295-2E39-4DA3-A384-01A5D4A131AD (string)

versionEndExcluding : 10.13.6 (string)

versionStartIncluding : 10.13 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:-:*:*:*:*:*:* (string)

matchCriteriaId : 6536473A-2ECF-4806-AC02-2386552BEAB1 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2017-001:*:*:*:*:*:* (string)

matchCriteriaId : B8EFC700-879E-4C5C-8A21-064114E9D7B2 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2017-002:*:*:*:*:*:* (string)

matchCriteriaId : 42D07F77-71D6-4D97-AF3E-157DDFF4C6B5 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-001:*:*:*:*:*:* (string)

matchCriteriaId : FDC975B8-5808-4D2B-A9FF-445A7D7A33FB (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-002:*:*:*:*:*:* (string)

matchCriteriaId : 46E55B34-EF29-48F9-8248-CA2CB4960C2B (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-003:*:*:*:*:*:* (string)

matchCriteriaId : 21364751-F80E-46BA-AF76-C8B1689F426D (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-004:*:*:*:*:*:* (string)

matchCriteriaId : 60EF4C45-05E2-498C-8245-45871BBF8A3E (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-005:*:*:*:*:*:* (string)

matchCriteriaId : 9E029E9E-E01B-4995-B7FA-286A0C667A54 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-006:*:*:*:*:*:* (string)

matchCriteriaId : 8F352467-BBDC-4A1A-8BF0-0DA2F762DBFA (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-001:*:*:*:*:*:* (string)

matchCriteriaId : 4353B3DF-2371-4A6F-9FF8-2CC3EF7DC4F6 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-002:*:*:*:*:*:* (string)

matchCriteriaId : A0334DC1-4D8C-448C-84B3-310499118B44 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-003:*:*:*:*:*:* (string)

matchCriteriaId : F80F3626-D093-45F4-80A1-3DB1EC94E0F2 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:* (string)

matchCriteriaId : 297D2D0C-EA9D-4B2C-9357-D88DB6C7143A (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:* (string)

matchCriteriaId : 0D845143-1B4D-478B-B83E-8F1664CBCAC3 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:* (string)

matchCriteriaId : 23C6DF6A-9A30-4F9E-BD9C-C19D8551C6DA (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:* (string)

matchCriteriaId : 754A2DF4-8724-4448-A2AB-AC5442029CB7 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:* (string)

matchCriteriaId : D392C777-1949-4920-B459-D083228E4688 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:* (string)

matchCriteriaId : 68B0A232-F2A4-4B87-99EB-3A532DFA87DA (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* (string)

matchCriteriaId : AC281794-DEC0-4C8A-8B92-F8E5D8785EF6 (string)

versionEndExcluding : 12.4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : This issue was addressed with a new entitlement. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra, iOS 12.4, tvOS 12.4. A local user may be able to read a persistent account identifier. (string)

}

1 : { »

lang : es (string)

value : Este problema se abordó con una nueva asignación de derechos. Este problema es corregido en macOS Mojave versión 10.14.6, actualización de seguridad 2019-004 High Sierra, actualización de seguridad 2019-004 Sierra, iOS versión 12.4, tvOS versión 12.4. Un usuario local puede ser capaz de leer un identificador de cuenta persistente (string)

}

]

id : CVE-2019-8702 (string)

lastModified : 2024-11-21T04:50:19.557 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 2.1 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:L/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : NONE (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-12-23T20:15:08.717 (string)

references : [ »

0 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210346 (string)

}

1 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210348 (string)

}

2 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210351 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210346 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210348 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://support.apple.com/en-us/HT210351 (string)

}

]

sourceIdentifier : product-security@apple.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-668 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object