var-201711-0444
Vulnerability from variot
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system. watchOS is a smart watch operating system. The following products and versions are affected: Apple iOS prior to 11.1; macOS High Sierra prior to 10.13.1; tvOS prior to 11.1; watchOS prior to 4.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0444",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.1"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (ipod touch first 6 generation )"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.1 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.1 (apple watch all models )"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.8.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.4"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.9"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.10.2"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:watchos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
}
]
},
"cve": "CVE-2017-13852",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-13852",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-104516",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.8,
"id": "CVE-2017-13852",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-13852",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2017-13852",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-201711-391",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-104516",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13852",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the \"Kernel\" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system. watchOS is a smart watch operating system. The following products and versions are affected: Apple iOS prior to 11.1; macOS High Sierra prior to 10.13.1; tvOS prior to 11.1; watchOS prior to 4.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "VULMON",
"id": "CVE-2017-13852"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13852",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU99000953",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-104516",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-13852",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"id": "VAR-201711-0444",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-104516"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:54:30.113000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "HT208221",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208221"
},
{
"title": "HT208222",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208222"
},
{
"title": "HT208219",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208219"
},
{
"title": "HT208220",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208220"
},
{
"title": "HT208219",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208219"
},
{
"title": "HT208220",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208220"
},
{
"title": "HT208221",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208221"
},
{
"title": "HT208222",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208222"
},
{
"title": "Multiple Apple product Kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76259"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.apple.com/ht208219"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208220"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208222"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13852"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99000953/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13852"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-104516"
},
{
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-13T00:00:00",
"db": "VULHUB",
"id": "VHN-104516"
},
{
"date": "2017-11-13T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"date": "2017-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"date": "2017-11-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"date": "2017-11-13T03:29:02.473000",
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-104516"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13852"
},
{
"date": "2017-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010337"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201711-391"
},
{
"date": "2024-11-21T03:11:48.060000",
"db": "NVD",
"id": "CVE-2017-13852"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Vulnerabilities that allow arbitrary application monitoring in product kernel components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010337"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201711-391"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.