CVE-2018-4397
N/A
N/A
Summary
Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Apple Support app | Versions prior to: Apple Support for iOS 2.4 | affected |
Weaknesses
- An attacker in a privileged network position may be able to intercept analytics data sent to Apple
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.