Sign-up

ID

VAR-201704-0721


CVE

CVE-2017-2387


TITLE

Android for Apple Music Application vulnerabilities impersonating servers

Trust: 0.8

sources: JVNDB: JVNDB-2017-002443

DESCRIPTION

The Apple Music (aka com.apple.android.music) application before 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Apple Music for Android is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Versions prior to Apple Music 2.0 running on Android version 4.3 and later are vulnerable. The vulnerability stems from the fact that the program does not verify the X.509 certificate on the SSL server side. Impact An attacker who can perform a man in the middle attack may present bogus SSL certificates which the application will accept silently. Timeline August 5, 2016 - Notified Apple via product-security@apple.com August 5, 2016 - Apple sent an auto acknowledgment August 16, 2016 - Apple responded stating that they are investigating October 5, 2016 - Apple confirmed the vulnerability January 18, 2017 - Asked for a status update January 20, 2017 - Apple responded stating that they are still working on the issue April 4, 2017 - Apple released version 2.0.0 which resolves this vulnerability Solution Upgrade to version 2.0.0 or later https://support.apple.com/en-us/HT207605 https://support.apple.com/en-us/HT201222 CVE-ID: CVE-2017-2387 . This issue was addressed through improved certificate validation. CVE-2017-2387: David Coomber of Info-Sec.CA Installation note: Apple Music 2.0 for Android may be obtained from Google Play. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJY495eAAoJEIOj74w0bLRGVxwP/RCoUs/5c4PWbLKKMSIRqn/0 CQXJJsFW4IhR2ve9fyokQiYNNNRXkbz2hIj/veuv4mHfo9cq5iN4qdbktBQIiuCJ V3emDwGO8+thvJUJXZ5AMBz8lX0zEvqN1k2yIyk7lzqQQOzx0hIJASWX0B2oBB95 IsjbUmybVwRCL32Sn86RW9lVisfcchjwRMbYtoBORLqjLJOuQnTQzc91VdeSO4o/ pg0Am9OcumlhkeiEpu/RXBgnb7x7bx/KdFfQYEVDiyWmCxYJkDI96SDYuvu037f1 ZRL0hmmfgtMDjitVF2vAailMQkJ+JRaIkK/YW5sAUY+p6OdwRnOx+0ZQbrMfTFrK x8EdAo8v84HsEFToz7nRXy9tF3CLumWuSaOy6nJ7UKnFR6nXqqqXI6z7+M+HGcpY UVyspkBm9kYjLFz798tLCIUOdtIgURMkBTDIzrsAixaxDbUUrfgOxBwohh8gTE5X 1rucHpi5fK15SkCBndbRa2sDGnmNKP9MT0OL8DkRwQ06Owr5rn66emVc1vP26jK/ vvFwW5xRTdfXSTB5iU3QWwcDIlWu8D6sfMQAaPt1lSg0luvIUlAQGSiIfF92grOo PQfsZ8zUu1ghDefKxy7DfhUAlfjabM3c00p9mqjroFyQO//QiMnogGDDhC3oQx9V uOCp21cCIHCLiYFyhV2y =eJ3o -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2017-2387 // JVNDB: JVNDB-2017-002443 // BID: 97390 // VULHUB: VHN-110590 // PACKETSTORM: 142038 // PACKETSTORM: 142034

AFFECTED PRODUCTS

vendor:applemodel:musicscope:eqversion:1.2.1

Trust: 1.9

vendor:applemodel:musicscope:ltversion:2.0 (android version 4.3 or later )\u3000 confirmation required

Trust: 0.8

vendor:applemodel:musicscope:eqversion:1.2.0

Trust: 0.3

vendor:applemodel:musicscope:eqversion:1.1.2

Trust: 0.3

vendor:applemodel:musicscope:eqversion:1.1.1

Trust: 0.3

vendor:applemodel:musicscope:eqversion:1.1.0

Trust: 0.3

vendor:applemodel:musicscope:eqversion:1.0.1

Trust: 0.3

vendor:applemodel:musicscope:eqversion:1.0.0

Trust: 0.3

vendor:applemodel:musicscope:eqversion:0.9.11

Trust: 0.3

vendor:applemodel:musicscope:eqversion:0.9.1

Trust: 0.3

vendor:applemodel:musicscope:neversion:2.0

Trust: 0.3

sources: BID: 97390 // JVNDB: JVNDB-2017-002443 // NVD: CVE-2017-2387 // CNNVD: CNNVD-201704-317

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2017-2387
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-201704-317
value: MEDIUM

Trust: 0.6

VULHUB: VHN-110590
value: LOW

Trust: 0.1

NVD:
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2017-2387
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-110590
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: MEDIUM
baseScore: 4.8
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: ADJACENT_NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.2
impactScore: 3.6
version: 3.0

Trust: 1.0

NVD: CVE-2017-2387
baseSeverity: MEDIUM
baseScore: 4.8
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: ADJACENT NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-110590 // JVNDB: JVNDB-2017-002443 // NVD: CVE-2017-2387 // CNNVD: CNNVD-201704-317

PROBLEMTYPE DATA

problemtype:CWE-295

Trust: 1.1

problemtype:CWE-310

Trust: 0.9

sources: VULHUB: VHN-110590 // JVNDB: JVNDB-2017-002443 // NVD: CVE-2017-2387

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201704-317

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201704-317

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2017-2387

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/ht201222
Trust: 0.8
title:HT207605url:https://support.apple.com/en-us/ht207605
Trust: 0.8
title:HT207605url:https://support.apple.com/ja-jp/ht207605
Trust: 0.8
title:Apple Music for Android Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68930
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-002443 // 
            
            
            
            CNNVD: CNNVD-201704-317

EXTERNAL IDS
db:NVDid:CVE-2017-2387
Trust: 3.0
db:BIDid:97390
Trust: 2.0
db:JVNDBid:JVNDB-2017-002443
Trust: 0.8
db:CNNVDid:CNNVD-201704-317
Trust: 0.7
db:PACKETSTORMid:142038
Trust: 0.2
db:PACKETSTORMid:142034
Trust: 0.2
db:VULHUBid:VHN-110590
Trust: 0.1
sources:
            
            
            VULHUB: VHN-110590 // 
            
            
            
            BID: 97390 // 
            
            
            
            JVNDB: JVNDB-2017-002443 // 
            
            
            
            PACKETSTORM: 142038 // 
            
            
            
            PACKETSTORM: 142034 // 
            
            
            
            NVD: CVE-2017-2387 // 
            
            
            
            CNNVD: CNNVD-201704-317

REFERENCES
url:http://www.info-sec.ca/advisories/apple-music.html
Trust: 1.8
url:http://www.securityfocus.com/bid/97390
Trust: 1.7
url:https://support.apple.com/ht207605
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2017-2387
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-cve-2017-2387
Trust: 0.8
url:https://www.apple.com/
Trust: 0.3
url:https://support.apple.com/en-us/ht207605 
Trust: 0.3
url:https://support.apple.com/en-us/ht207605
Trust: 0.1
url:https://support.apple.com/en-us/ht201222
Trust: 0.1
url:https://play.google.com/store/apps/details?id=com.apple.android.music)
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-110590 // 
            
            
            
            BID: 97390 // 
            
            
            
            JVNDB: JVNDB-2017-002443 // 
            
            
            
            PACKETSTORM: 142038 // 
            
            
            
            PACKETSTORM: 142034 // 
            
            
            
            NVD: CVE-2017-2387 // 
            
            
            
            CNNVD: CNNVD-201704-317

CREDITS
David Coomber of Info-Sec.CA
Trust: 0.9
sources:
            
            
            BID: 97390 // 
            
            
            
            CNNVD: CNNVD-201704-317

SOURCES
db:VULHUBid:VHN-110590
db:BIDid:97390
db:JVNDBid:JVNDB-2017-002443
db:PACKETSTORMid:142038
db:PACKETSTORMid:142034
db:NVDid:CVE-2017-2387
db:CNNVDid:CNNVD-201704-317

LAST UPDATE DATE
2023-12-18T12:04:19.109000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-110590date:2019-10-03T00:00:00
db:BIDid:97390date:2017-04-11T00:03:00
db:JVNDBid:JVNDB-2017-002443date:2017-04-14T00:00:00
db:NVDid:CVE-2017-2387date:2019-10-03T00:03:26.223
db:CNNVDid:CNNVD-201704-317date:2019-10-23T00:00:00

SOURCES RELEASE DATE
db:VULHUBid:VHN-110590date:2017-04-07T00:00:00
db:BIDid:97390date:2017-04-04T00:00:00
db:JVNDBid:JVNDB-2017-002443date:2017-04-14T00:00:00
db:PACKETSTORMid:142038date:2017-04-06T13:14:15
db:PACKETSTORMid:142034date:2017-04-06T19:22:22
db:NVDid:CVE-2017-2387date:2017-04-07T11:59:00.153
db:CNNVDid:CNNVD-201704-317date:2017-04-11T00:00:00