CVE-2017-13864

An issue was discovered in certain Apple products. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. The issue involves the "APNs Server" component. It allows man-in-the-middle attackers to track users by leveraging mishandling of client certificates.
References
Link Resource
http://www.securityfocus.com/bid/102192 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040013 Third Party Advisory VDB Entry
https://support.apple.com/HT208326 Vendor Advisory
https://support.apple.com/HT208328 Vendor Advisory
http://www.securityfocus.com/bid/102192 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040013 Third Party Advisory VDB Entry
https://support.apple.com/HT208326 Vendor Advisory
https://support.apple.com/HT208328 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 03:11

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/102192 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/102192 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1040013 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1040013 - Third Party Advisory, VDB Entry
References () https://support.apple.com/HT208326 - Vendor Advisory () https://support.apple.com/HT208326 - Vendor Advisory
References () https://support.apple.com/HT208328 - Vendor Advisory () https://support.apple.com/HT208328 - Vendor Advisory

Information

Published : 2017-12-25 21:29

Updated : 2024-11-21 03:11


NVD link : CVE-2017-13864

Mitre link : CVE-2017-13864

CVE.ORG link : CVE-2017-13864


JSON object : View

Products Affected

microsoft

  • windows

apple

  • icloud
  • itunes
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor