Lucene search

AppleCVE-2018-4445

HistoryApr 03, 2019 - 6:29 p.m.

CVE-2018-4445

2019-04-0318:29:16

CWE-200

apple

web.nvd.nist.gov

cve-2018-4445

clear history

website data

data deletion

ios

safari

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

5.3

Confidence

Low

EPSS

0.001

Percentile

22.7%

JSON

“Clear History and Website Data” did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.

Affected configurations

Nvd

Vulners

Node

applesafariRange<12.0.2

appleiphone_osRange<12.1.1

CNA Affected

[
  {
    "product": "iOS, Safari",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to: iOS 12.1.1, Safari 12.0.2"
      }
    ]
  }
]

References

support.apple.com/kb/HT209340

support.apple.com/kb/HT209344

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

5.3

Confidence

Low

EPSS

0.001

Percentile

22.7%

JSON

Related for CVE-2018-4445