PT-2019-19148 · Apple · Watchos+1
Jeff Braswell
·
Publicado
2019-12-18
·
Atualizado
2019-12-20
·
CVE-2019-8682
CVSS v3.1
2.4
Baixa
| Vetor | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 12.4
watchOS versions prior to 5.3
Description
The issue allows a user to inadvertently complete an in-app purchase while on the lock screen. This is due to inadequate UI handling.
Recommendations
For iOS versions prior to 12.4, update to iOS 12.4 to resolve the issue.
For watchOS versions prior to 5.3, update to watchOS 5.3 to resolve the issue.
Correção
Missing Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ios
Watchos