← Volver a CVEs

CVE-2018-4086

N/A

Descripcion

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted name constraints.

Detalles CVE

Puntuacion CVSS v3.1N/A

Publicado4/3/2018

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

apple:apple_tvapple:iphone_osapple:mac_os_xapple:watchos

Debilidades (CWE)

CWE-295

Referencias

http://www.securityfocus.com/bid/102782(product-security@apple.com)

http://www.securitytracker.com/id/1040265(product-security@apple.com)

http://www.securitytracker.com/id/1040267(product-security@apple.com)

https://support.apple.com/HT208462(product-security@apple.com)

https://support.apple.com/HT208463(product-security@apple.com)

https://support.apple.com/HT208464(product-security@apple.com)

https://support.apple.com/HT208465(product-security@apple.com)

http://www.securityfocus.com/bid/102782(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1040265(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1040267(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208462(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208463(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208464(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208465(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.