CVE-2018-4409

MEDIUM

Description

A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

References

https://support.apple.com/kb/HT209192

https://support.apple.com/kb/HT209194

https://support.apple.com/kb/HT209196

https://support.apple.com/kb/HT209197

https://support.apple.com/kb/HT209198

Details

Source: MITRE

Published: 2019-04-03

Updated: 2019-04-05

Type: CWE-400

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (7 total)

ID	Name	Product	Family	Severity
700554	Apple iOS < 12.1 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	medium
700506	Apple Safari < 12.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
118718	Apple iTunes < 12.9.1 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	medium
118717	Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	medium
118712	Apple TV < 12.1 Multiple Vulnerabilities	Nessus	Misc.	high
118571	macOS : Apple Safari < 12.0.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	medium
118569	Apple iOS < 12.1 Multiple Vulnerabilities	Nessus	Mobile Devices	high