CVE-2019-8799

low

Description

This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications.

References

https://support.apple.com/en-us/HT210604

https://support.apple.com/en-us/HT210607

https://support.apple.com/en-us/HT210634

https://support.apple.com/en-us/HT210603

Details

Source: MITRE

Published: 2020-10-27

Updated: 2021-07-21

Type: CWE-922

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 2.4

Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 0.9

Severity: LOW