CVE-2019-8848
Description
This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.297
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-8848,CVE-2019-15903,CVE-2019-8835,CVE-2019-8844,CVE-2019-8846 are fixed in Apple iTunes (12.10.3.1) | Windows |
| Vulnerabilities CVE-2019-8848,CVE-2019-15903,CVE-2019-8835,CVE-2019-8844,CVE-2019-8846 are fixed in iCloud 7.16 (includes AAS 8.2) | Windows |
| Vulnerabilities CVE-2019-8848,CVE-2019-15903,CVE-2019-8835,CVE-2019-8844,CVE-2019-8846 are fixed in iCloud 10.9 | Windows |
| Multiple vulnerabilities fixed in Apple iTunes (X64) (12.10.3.1) | Windows |
| Multiple vulnerabilities fixed in iCloud 10.9 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.10.2 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes 12.10.2 | Windows |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 Combo Update | Mac |
| Vulnerabilities CVE-2019-8848 are affected in Apple iTunes For Mac 12.10.2 | Mac |
| Vulnerabilities CVE-2019-8848 are affected in Apple Safari for MAC 13.0.1 | Mac |
| Multiple Vulnerabilities are affected in Apple Safari for MAC 13.0.1 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-312125 | Apple iTunes (12.10.3.1) |
| PATCH-312129 | iCloud (7.16.0.15) |
| PATCH-316162 | iCloud (7.21.0.23) (Deployment-Only) |
| PATCH-312126 | Apple iTunes (X64) (12.10.3.1) |
| PATCH-316162 | iCloud (7.21.0.23) (Deployment-Only) |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-611604 | Apple Safari for MAC (MacOS Sonoma) (18.6) |
| PATCH-611604 | Apple Safari for MAC (MacOS Sonoma) (18.6) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234