CVE-2019-8901

Summary

This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 13.1affected

Weaknesses

  • An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action

ADP Enrichment

CVE Program Container

Additional References

References