Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAppleCVE-2019-6236
HistoryDec 18, 2019 - 6:15 p.m.

CVE-2019-6236

2019-12-1818:15:21
CWE-362
apple
web.nvd.nist.gov
38
cve-2019-6236
icloud
windows
installation
race condition
arbitrary code execution
nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON

A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution.

Affected configurations

Nvd
Vulners
Node
appleicloudRange<7.11windows
VendorProductVersionCPE
appleicloud*cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*

CNA Affected

[
  {
    "product": "iCloud for Windows",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "iCloud for Windows 7.11",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

cvelist 1
nvd 1
prion 1
openvas 1
apple 2
kaspersky 1
cvelist
cvelist
CVE-2019-6236
2019-12-18 17:33:15
nvd
nvd
CVE-2019-6236
2019-12-18 18:15:21
prion
prion
Race condition
2019-12-18 18:15:00
openvas
openvas
Apple iCloud Security Update (HT209605) - Windows
2019-03-26 00:00:00
apple
apple
About the security content of iCloud for Windows 7.11
2019-03-25 00:00:00
About the security content of iCloud for Windows 7.11 - Apple Support
2019-06-24 08:18:10
kaspersky
kaspersky
KLA11456 Multiple vulnerabilities in Apple iCloud
2019-03-25 00:00:00

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.002

Percentile

60.8%

JSON
Related for CVE-2019-6236
cvelist1nvd1prion1openvas1apple2kaspersky1