← Voltar para CVEs

CVE-2018-4086

N/A

Descricao

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Security" component. It allows remote attackers to spoof certificate validation via crafted name constraints.

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado4/3/2018

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

apple:apple_tvapple:iphone_osapple:mac_os_xapple:watchos

Fraquezas (CWE)

CWE-295

Referencias

http://www.securityfocus.com/bid/102782(product-security@apple.com)

http://www.securitytracker.com/id/1040265(product-security@apple.com)

http://www.securitytracker.com/id/1040267(product-security@apple.com)

https://support.apple.com/HT208462(product-security@apple.com)

https://support.apple.com/HT208463(product-security@apple.com)

https://support.apple.com/HT208464(product-security@apple.com)

https://support.apple.com/HT208465(product-security@apple.com)

http://www.securityfocus.com/bid/102782(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1040265(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1040267(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208462(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208463(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208464(af854a3a-2127-422b-91ae-364da2661108)

https://support.apple.com/HT208465(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.