CVE-2018-4397

Summary

Analytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS.

Affected Software

VendorProductVersion RangeStatus
n/aApple Support appVersions prior to: Apple Support for iOS 2.4affected

Weaknesses

  • An attacker in a privileged network position may be able to intercept analytics data sent to Apple

ADP Enrichment

CVE Program Container

Additional References

References