CVE-2021-30823
Description
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.
CWE
- (none)
Affected
- Apple / iOS and iPadOS — v=unspecified <14.8 [affected]
- Apple / tvOS — v=unspecified <15 [affected]
- Apple / Safari — v=unspecified <15 [affected]
- Apple / watchOS — v=unspecified <8 [affected]
- Apple / macOS — v=unspecified <12.0 [affected]
CVSS
- (none)
References
- https://support.apple.com/en-us/HT212807 x_refsource_MISC
- https://support.apple.com/en-us/HT212819 x_refsource_MISC
- https://support.apple.com/en-us/HT212815 x_refsource_MISC
- https://support.apple.com/en-us/HT212816 x_refsource_MISC
- https://support.apple.com/en-us/HT212869 x_refsource_MISC
- https://support.apple.com/kb/HT212953 x_refsource_CONFIRM
- http://www.openwall.com/lists/oss-security/2021/12/20/6 mailing-list, x_refsource_MLIST
Source
cvelistV5-main/cves/2021/30xxx/CVE-2021-30823.json