| Vulnerability Name: | CVE-2019-6206 (CCN-156056) | ||||||||||||
| Assigned: | 2019-01-22 | ||||||||||||
| Published: | 2019-01-22 | ||||||||||||
| Updated: | 2020-08-24 | ||||||||||||
| Summary: | An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.3. Password autofill may fill in passwords after they were manually cleared. | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-200 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2019-6206 Source: BID Type: Third Party Advisory, VDB Entry 106687 Source: XF Type: UNKNOWN apple-ios-cve20196206-info-disc(156056) Source: CCN Type: Apple security document HT209443 About the security content of iOS 12.1.3 Source: CONFIRM Type: Vendor Advisory https://support.apple.com/HT209443 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||