CVE-2021-46841

Summary

This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.

Affected Software

VendorProductVersion RangeStatus
AppleApple Music for Androidunspecified < 3.5affected

Weaknesses

  • An attacker in a privileged network position can track a user's activity

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References