CVE-2022-26773

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Apple iTunes versions prior to 12.12.4 for Windows

Description A logic issue was addressed with improved state management, allowing an application to potentially delete files for which it does not have permission.

Recommendations For Apple iTunes versions prior to 12.12.4 for Windows, update to version 12.12.4 or later to resolve the issue.

Fix

Improper Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285

Related Identifiers

CVE-2022-26773

ZDI-23-1497

Affected Products

Itunes

CVE-2022-26773

Weakness Enumeration

Related Identifiers

Affected Products

References · 5