4.3

CVE-2019-8834

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.

Data is provided by the National Vulnerability Database (NVD)
AppleiCloud SwPlatformwindows Version < 7.16
AppleiCloud SwPlatformwindows Version >= 10.0 < 10.9
AppleiTunes SwPlatformwindows Version < 12.10.3
AppleiPadOS Version < 13.3
AppleiPhone OS Version < 13.3
ApplemacOS X Version < 10.15.2
AppletvOS Version < 13.3
ApplewatchOS Version < 6.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.32% 0.517
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:P/A:N
https://support.apple.com/en-us/HT210785
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210788
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210789
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210790
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210793
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210794
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT210795
Vendor Advisory
Release Notes