mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
72 lines
2.4 KiB
JSON
72 lines
2.4 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "product-security@apple.com",
|
|
"ID": "CVE-2017-7147",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the \"Analytics\" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe Marketing Cloud server operated for Apple, as demonstrated by information about the installation date and time."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "101533",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/101533"
|
|
},
|
|
{
|
|
"name": "https://www.info-sec.ca/advisories/Apple-Support.html",
|
|
"refsource": "MISC",
|
|
"url": "https://www.info-sec.ca/advisories/Apple-Support.html"
|
|
},
|
|
{
|
|
"name": "https://support.apple.com/HT208201",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://support.apple.com/HT208201"
|
|
}
|
|
]
|
|
}
|
|
} |