CVE-2020-3890 - Vulnerability Details

Vendors	Products
Apple	Ipad Os Iphone Os

Link	Providers
https://support.apple.com/HT211102

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "iOS", "vendor": "Apple", "versions": [{"lessThan": "iOS 13.4 and iPadOS 13.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion."}], "problemTypes": [{"descriptions": [{"description": "Deleted messages groups may still be suggested as an autocompletion", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-01T17:46:55", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT211102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2020-3890", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "iOS", "version": {"version_data": [{"version_affected": "<", "version_value": "iOS 13.4 and iPadOS 13.4"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Deleted messages groups may still be suggested as an autocompletion"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/HT211102", "refsource": "MISC", "url": "https://support.apple.com/HT211102"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:52:19.497Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT211102"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2020-3890", "datePublished": "2020-04-01T17:46:55", "dateReserved": "2019-12-18T00:00:00", "dateUpdated": "2024-08-04T07:52:19.497Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : iOS (string)

vendor : Apple (string)

versions : [ »

0 : { »

lessThan : iOS 13.4 and iPadOS 13.4 (string)

status : affected (string)

version : unspecified (string)

versionType : custom (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Deleted messages groups may still be suggested as an autocompletion (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-04-01T17:46:55 (string)

orgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

shortName : apple (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://support.apple.com/HT211102 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : product-security@apple.com (string)

ID : CVE-2020-3890 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : iOS (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_value : iOS 13.4 and iPadOS 13.4 (string)

}

]

}

]

}

vendor_name : Apple (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Deleted messages groups may still be suggested as an autocompletion (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.apple.com/HT211102 (string)

refsource : MISC (string)

url : https://support.apple.com/HT211102 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T07:52:19.497Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://support.apple.com/HT211102 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 286789f9-fbc2-4510-9f9a-43facdede74c (string)

assignerShortName : apple (string)

cveId : CVE-2020-3890 (string)

datePublished : 2020-04-01T17:46:55 (string)

dateReserved : 2019-12-18T00:00:00 (string)

dateUpdated : 2024-08-04T07:52:19.497Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "A754595C-30B0-4E62-8ECF-E671F6C3DC57", "versionEndExcluding": "13.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "09DD8CD4-AF42-4A2B-8DF0-AED34E43FDD8", "versionEndExcluding": "13.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion."}, {"lang": "es", "value": "Se abord\u00f3 el problema con una eliminaci\u00f3n mejorada. Este problema es corregido en iOS versi\u00f3n 13.4 y iPadOS versi\u00f3n 13.4. Los grupos de mensajes eliminados a\u00fan pueden ser sugeridos como una autocompletaci\u00f3n."}], "id": "CVE-2020-3890", "lastModified": "2024-11-21T05:31:54.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-01T18:15:16.053", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/HT211102"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A754595C-30B0-4E62-8ECF-E671F6C3DC57 (string)

versionEndExcluding : 13.4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 09DD8CD4-AF42-4A2B-8DF0-AED34E43FDD8 (string)

versionEndExcluding : 13.4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. (string)

}

1 : { »

lang : es (string)

value : Se abordó el problema con una eliminación mejorada. Este problema es corregido en iOS versión 13.4 y iPadOS versión 13.4. Los grupos de mensajes eliminados aún pueden ser sugeridos como una autocompletación. (string)

}

]

id : CVE-2020-3890 (string)

lastModified : 2024-11-21T05:31:54.350 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 1.4 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-04-01T18:15:16.053 (string)

references : [ »

0 : { »

source : product-security@apple.com (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/HT211102 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Release Notes (string)

1 : Vendor Advisory (string)

]

url : https://support.apple.com/HT211102 (string)

}

]

sourceIdentifier : product-security@apple.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object