CVE-2019-7290

{"id": "CVE-2019-7290", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2019-12-18T18:15:22.287", "references": [{"url": "https://support.apple.com/HT209522", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-610"}]}], "descriptions": [{"lang": "en", "value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions."}, {"lang": "es", "value": "Un problema de acceso fue abordado con restricciones de sandbox adicionales. Este problema es corregido en Shortcuts versi\u00f3n 2.1.3 para iOS. Un proceso dentro del sandbox puede ser capaz de evitar las restricciones del sandbox."}], "lastModified": "2019-12-31T19:39:15.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:shortcuts:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "098D064B-10D1-483A-A8B0-DE29A9B0CBEC", "versionEndExcluding": "2.1.3"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}