CVE-2016-4613

{"id": "CVE-2016-4613", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-02-20T08:59:00.167", "references": [{"url": "http://www.securityfocus.com/bid/93949", "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id/1037139", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT207270", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT207272", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT207273", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT207274", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in certain Apple products. Safari before 10.0.1 is affected. iCloud before 6.0.1 is affected. iTunes before 12.5.2 is affected. tvOS before 10.0.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to obtain sensitive information via a crafted web site."}, {"lang": "es", "value": "Se ha descubierto un problema en ciertos productos Apple. Safari en versiones anteriores a 10.0.1 est\u00e1 afectado. iCloud en versiones anteriores a 6.0.1 est\u00e1 afectado. iTunes en versiones anteriores a 12.5.2 est\u00e1 afectado. tvOS en versiones anteriores a 10.0.1 est\u00e1 afectado. El problema involucra al componente \"WebKit\". Esto permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de un sitio web manipulado."}], "lastModified": "2017-07-29T01:34:08.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4234F90-95F9-4BDD-86F4-400A57533180", "versionEndIncluding": "10.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "446B7A62-EFB5-43FD-9319-821ECA44A5B5", "versionEndIncluding": "6.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48584EDF-706C-4F6B-A85F-2E98260E15A4", "versionEndIncluding": "12.5.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:apple_tv:10.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F4498E2-15B0-4113-AFB7-5029161AE1BF"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}