| Vulnerability Name: | CVE-2021-30966 (CCN-215102) | ||||||||||||
| Assigned: | 2021-08-24 | ||||||||||||
| Published: | 2021-08-24 | ||||||||||||
| Updated: | 2021-12-29 | ||||||||||||
| Summary: | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations. | ||||||||||||
| CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-668 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2021-30966 Source: XF Type: UNKNOWN appleios-cve202130966-info-disc(215102) Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT212975 Source: CCN Type: Apple security document HT212976 About the security content of iOS 15.2 and iPadOS 15.2 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT212976 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT212978 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT212980 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||