PT-2017-17543 · Apple · Ios
Igor Makarov
+2
·
Publicado
2017-10-23
·
Atualizado
2017-10-26
·
CVE-2017-7148
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 11
Description
An issue in certain Apple products involves the
Location Framework component, allowing attackers to obtain sensitive location information via a crafted app that reads the location variable.Recommendations
For iOS versions prior to 11, update to a version 11 or later to resolve the issue. As a temporary workaround, consider restricting access to location services for untrusted apps until a patch is available.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ios