Sign-up

ID

VAR-201804-1045


CVE

CVE-2017-7172


TITLE

plural Apple Product CFNetwork Session Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2017-013159

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "CFNetwork Session" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple Safari. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of ResourceRequest objects. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code under the context of the user. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. CFNetwork Session is one of the session components of CFNetwork (a C-based underlying framework, an extension of BSD sockets). The following products and versions are affected: Apple iOS prior to 11.2; macOS High Sierra prior to 10.13.2; Windows-based iCloud prior to 7.2; Windows-based iTunes prior to 12.7.2; tvOS prior to 11.2; watchOS prior to 4.2 Version

Trust: 2.34

sources: NVD: CVE-2017-7172 // JVNDB: JVNDB-2017-013159 // ZDI: ZDI-18-151 // VULHUB: VHN-115375

AFFECTED PRODUCTS

vendor:applemodel:tvosscope:ltversion:11.2

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.2

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.13.2

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:4.2

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:11.2

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.7.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.11.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.12.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.13.1

Trust: 0.8

vendor:applemodel:icloudscope:ltversion:7.2 (windows 7 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.2 (ipad air or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.2 (iphone 5s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.2 (ipod touch first 6 generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:for windows 12.7.2 (windows 7 or later )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:11.2 (apple tv 4k)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:11.2 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:4.2 (apple watch all models )

Trust: 0.8

vendor:applemodel:safariscope: - version: -

Trust: 0.7

vendor:applemodel:itunesscope:eqversion:12.5.2

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.5.4

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.6

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.6.3

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:7.0.2

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.5.5

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.6.2

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.6.1

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.7.1

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:12.7

Trust: 0.6

sources: ZDI: ZDI-18-151 // JVNDB: JVNDB-2017-013159 // CNNVD: CNNVD-201703-820 // NVD: CVE-2017-7172

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7172
value: HIGH

Trust: 1.0

NVD: CVE-2017-7172
value: HIGH

Trust: 0.8

ZDI: CVE-2017-7172
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201703-820
value: HIGH

Trust: 0.6

VULHUB: VHN-115375
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-7172
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2017-7172
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-115375
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-7172
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-18-151 // VULHUB: VHN-115375 // JVNDB: JVNDB-2017-013159 // CNNVD: CNNVD-201703-820 // NVD: CVE-2017-7172

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-115375 // JVNDB: JVNDB-2017-013159 // NVD: CVE-2017-7172

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201703-820

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201703-820

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-013159

PATCH
title:HT208334url:https://support.apple.com/en-us/HT208334
Trust: 1.5
title:HT208328url:https://support.apple.com/en-us/HT208328
Trust: 0.8
title:HT208331url:https://support.apple.com/en-us/HT208331
Trust: 0.8
title:HT208325url:https://support.apple.com/en-us/HT208325
Trust: 0.8
title:HT208326url:https://support.apple.com/en-us/HT208326
Trust: 0.8
title:HT208327url:https://support.apple.com/en-us/HT208327
Trust: 0.8
title:HT208334url:https://support.apple.com/ja-jp/HT208334
Trust: 0.8
title:HT208325url:https://support.apple.com/ja-jp/HT208325
Trust: 0.8
title:HT208326url:https://support.apple.com/ja-jp/HT208326
Trust: 0.8
title:HT208327url:https://support.apple.com/ja-jp/HT208327
Trust: 0.8
title:HT208328url:https://support.apple.com/ja-jp/HT208328
Trust: 0.8
title:HT208331url:https://support.apple.com/ja-jp/HT208331
Trust: 0.8
title:Multiple Apple product CFNetwork Session Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90622
Trust: 0.6
sources:
            
            
            ZDI: ZDI-18-151 // 
            
            
            
            JVNDB: JVNDB-2017-013159 // 
            
            
            
            CNNVD: CNNVD-201703-820

EXTERNAL IDS
db:NVDid:CVE-2017-7172
Trust: 3.2
db:JVNid:JVNVU98418454
Trust: 0.8
db:JVNDBid:JVNDB-2017-013159
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-5345
Trust: 0.7
db:ZDIid:ZDI-18-151
Trust: 0.7
db:CNNVDid:CNNVD-201703-820
Trust: 0.7
db:VULHUBid:VHN-115375
Trust: 0.1
sources:
            
            
            ZDI: ZDI-18-151 // 
            
            
            
            VULHUB: VHN-115375 // 
            
            
            
            JVNDB: JVNDB-2017-013159 // 
            
            
            
            CNNVD: CNNVD-201703-820 // 
            
            
            
            NVD: CVE-2017-7172

REFERENCES
url:https://support.apple.com/ht208325
Trust: 1.7
url:https://support.apple.com/ht208326
Trust: 1.7
url:https://support.apple.com/ht208327
Trust: 1.7
url:https://support.apple.com/ht208328
Trust: 1.7
url:https://support.apple.com/ht208331
Trust: 1.7
url:https://support.apple.com/ht208334
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7172
Trust: 0.8
url:http://jvn.jp/vu/jvnvu98418454/index.html
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-7172
Trust: 0.8
url:https://support.apple.com/en-us/ht208334
Trust: 0.7
sources:
            
            
            ZDI: ZDI-18-151 // 
            
            
            
            VULHUB: VHN-115375 // 
            
            
            
            JVNDB: JVNDB-2017-013159 // 
            
            
            
            CNNVD: CNNVD-201703-820 // 
            
            
            
            NVD: CVE-2017-7172

CREDITS
Richard Zhu (fluorescence)
Trust: 0.7
sources:
            
            
            ZDI: ZDI-18-151

SOURCES
db:ZDIid:ZDI-18-151
db:VULHUBid:VHN-115375
db:JVNDBid:JVNDB-2017-013159
db:CNNVDid:CNNVD-201703-820
db:NVDid:CVE-2017-7172

LAST UPDATE DATE
2024-11-23T20:34:28.441000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-18-151date:2018-02-07T00:00:00
db:VULHUBid:VHN-115375date:2019-03-08T00:00:00
db:JVNDBid:JVNDB-2017-013159date:2018-06-04T00:00:00
db:CNNVDid:CNNVD-201703-820date:2019-03-13T00:00:00
db:NVDid:CVE-2017-7172date:2024-11-21T03:31:18.800

SOURCES RELEASE DATE
db:ZDIid:ZDI-18-151date:2018-02-07T00:00:00
db:VULHUBid:VHN-115375date:2018-04-03T00:00:00
db:JVNDBid:JVNDB-2017-013159date:2018-06-04T00:00:00
db:CNNVDid:CNNVD-201703-820date:2017-03-20T00:00:00
db:NVDid:CVE-2017-7172date:2018-04-03T06:29:02.703