← Voltar para CVEs
CVE-2021-30855
MEDIUM5.5
Descricao
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access restricted files.
Detalhes CVE
Pontuacao CVSS v3.15.5
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado8/24/2021
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
apple:ipadosapple:iphone_osapple:mac_os_xapple:macosapple:tvosapple:watchos
Fraquezas (CWE)
CWE-59
Referencias
https://support.apple.com/en-us/HT212804(product-security@apple.com)
https://support.apple.com/en-us/HT212805(product-security@apple.com)
https://support.apple.com/en-us/HT212807(product-security@apple.com)
https://support.apple.com/en-us/HT212814(product-security@apple.com)
https://support.apple.com/en-us/HT212819(product-security@apple.com)
https://support.apple.com/kb/HT212815(product-security@apple.com)
https://support.apple.com/en-us/HT212804(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT212805(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT212807(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT212814(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT212819(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT212815(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.