vulnerability

Apple iTunes security update for CVE-2019-8834

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	Apr 6, 2020	Apr 6, 2020	Nov 2, 2020

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

Apr 6, 2020

Added

Apr 6, 2020

Modified

Nov 2, 2020

Description

A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.

Solution

apple-itunes-upgrade-12_10_3

References

CVE-2019-8834
https://attackerkb.com/topics/CVE-2019-8834
URL-http://support.apple.com/kb/HT210793

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today