CVE-2018-4168

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Files Widget" component. It allows physically proximate attackers to obtain sensitive information by leveraging the display of cached data on a locked device.
References
Link Resource
http://www.securityfocus.com/bid/103578 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040604 Third Party Advisory VDB Entry
https://support.apple.com/HT208693 Vendor Advisory
http://www.securityfocus.com/bid/103578 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040604 Third Party Advisory VDB Entry
https://support.apple.com/HT208693 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:06

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/103578 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/103578 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1040604 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1040604 - Third Party Advisory, VDB Entry
References () https://support.apple.com/HT208693 - Vendor Advisory () https://support.apple.com/HT208693 - Vendor Advisory

Information

Published : 2018-04-03 06:29

Updated : 2024-11-21 04:06


NVD link : CVE-2018-4168

Mitre link : CVE-2018-4168

CVE.ORG link : CVE-2018-4168


JSON object : View

Products Affected

apple

  • iphone_os
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor