CVE-2020-27951

{"id": "CVE-2020-27951", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-04-02T18:15:16.983", "references": [{"url": "https://support.apple.com/en-us/HT212003", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212004", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212006", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212009", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212003", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT212004", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT212006", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT212009", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in watchOS 6.3, iOS 12.5, iOS 14.3 and iPadOS 14.3, watchOS 7.2. Unauthorized code execution may lead to an authentication policy violation."}, {"lang": "es", "value": "Este problema es abordado con comprobaciones mejoradas. Este problema es corregido en watchOS versi\u00f3n 6.3, iOS versi\u00f3n 12.5, iOS versi\u00f3n 14.3 y iPadOS versi\u00f3n 14.3, watchOS versi\u00f3n 7.2. Una ejecuci\u00f3n de c\u00f3digo no autorizado puede conllevar a una violaci\u00f3n de la pol\u00edtica de autenticaci\u00f3n."}], "lastModified": "2024-11-21T05:22:06.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D8BA3D3-D515-4592-9805-E7B3C17343AF", "versionEndExcluding": "14.3"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8574FFD-A091-4EAB-AFDD-BB033E2AB27D", "versionEndExcluding": "12.5"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D144ED0A-A4C3-449C-A0BD-FA08738C3213", "versionEndExcluding": "14.3", "versionStartIncluding": "14.0"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99DDE91B-046B-4AF9-8B83-AAB960AE7EEB", "versionEndExcluding": "6.3", "versionStartIncluding": "6.0"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0B77FCC-0AEA-4B80-B322-A783068A0FDA", "versionEndExcluding": "7.2", "versionStartIncluding": "7.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}