CVE-2020-27895

2020-12-0820:06:07

apple

www.cve.org

3.8 Low

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.9%

JSON

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.

CNA Affected

[
  {
    "product": "iTunes for Windows",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "12.11",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT211933