Details of VAR-201912-0455

ID

VAR-201912-0455

CVE

CVE-2019-7289

TITLE

apple's iPhone OS for Shortcuts Past traversal vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2019-016877

DESCRIPTION

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in Shortcuts 2.1.3 for iOS. A local user may be able to view senstive user information. apple's iPhone OS for Shortcuts Exists in a past traversal vulnerability.Information may be obtained. Apple iOS is prone to the following vulnerabilities: 1. An information-disclosure vulnerability. 2. A security-bypass vulnerability Attackers can exploit these issues to gain sensitive information and to bypass security mechanisms. This may aid in further attacks. Apple Shortcuts version 2.1.2 is vulnerable. There is a security vulnerability in the processing of directory paths in versions prior to 2.1.3 of Apple Shortcuts based on the iOS platform. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS Shortcuts 2.1.3 for iOS is now available and addresses the following: Shortcuts Available for: Shortcuts 2.1.2 for iOS Impact: A local user may be able to view senstive user information Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2019-7289: Sem VoigtlA$?nder of Fontys Hogeschool ICT Shortcuts Available for: Shortcuts 2.1.2 for iOS Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2019-7290: Avimanyu Roy (@AvimanyuRoy3) Additional recognition Shortcuts We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlxcZmopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HU4A/8 DI/d6q1a4C0x7/T/XBDc4WsuvOFa5mmaTicKE24CRJjDjb2c11ZOtIeeBF7HBJVx 5+326g+3y1J7wAPT1o5btQQv0SNxVaDuJUa8hNUrheg+LpQ5dEzVY50X+lMJ9etE gjyyZWrzWMSXvuHj+CrXRuK1BXZQCWZzOXIPfVOYqH3eBao0ld4NaQdtviUctNla wgiLZ+33fVFJm1MjtdcjxOhKd54GVGUnKN338YhnFQfIjEZA7zeOvKlzb77ZqDZx JxpuVIpkv4OvWX0Xg+u0iYALEbJDr75vk3YUjuKHCWENdJM9Eka64yVxdGc7C9/E vpAKwVaWcgCJuDexaqwt/ht1AclMVzORPSYtU0A1HxyVR3kEUVjAWAuANjakB/Zn CDerYQiTOyFSZIvitkrunQmb65iXMjjYgznnTjAxv1kkil5uAz56L+jJ0C/CNw4y kzsQnrKbxyTNJ/qYzPaEJChsZ7FSWakBUJZ62hQzRaQnXgGZ8UyfyL9cRS5NUaO5 Yd0FaQk7UWCsbFzePHTlSbA5GedweJ6cXcoBst/WdpGP+81ZnvQMhbEJvxXwmKP1 xpq0PhAWRFBQFtWowhVE7fKLQj9zqao86eSebKK1Tc9VfnFNUmTQjyQo2HpdQtnC eW17D5S5FBaov6WyxASP5Wmi8xJsmgWP4OomprfSbNQ= =BI6A -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2019-7289 // JVNDB: JVNDB-2019-016877 // BID: 106957 // VULHUB: VHN-158724 // VULMON: CVE-2019-7289 // PACKETSTORM: 151576

AFFECTED PRODUCTS

vendor:	apple	model:	shortcuts	scope:	lt	version:	2.1.3	Trust: 1.0
vendor:	アップル	model:	shortcuts	scope:	eq	version:	2.1.3	Trust: 0.8
vendor:	アップル	model:	shortcuts	scope:	eq	version:	-	Trust: 0.8
vendor:	apple	model:	shortcuts	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	apple	model:	shortcuts	scope:	ne	version:	2.1.3	Trust: 0.3

sources: BID: 106957 // JVNDB: JVNDB-2019-016877 // NVD: CVE-2019-7289

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-7289
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-7289
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201902-343
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-158724
value:	LOW
Trust: 0.1
VULMON:	CVE-2019-7289
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-7289
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-158724
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-7289
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2019-7289
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-158724 // VULMON: CVE-2019-7289 // JVNDB: JVNDB-2019-016877 // CNNVD: CNNVD-201902-343 // NVD: CVE-2019-7289

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.1
problemtype:	Path traversal (CWE-22) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-158724 // JVNDB: JVNDB-2019-016877 // NVD: CVE-2019-7289

THREAT TYPE

local

Trust: 0.9

sources: BID: 106957 // CNNVD: CNNVD-201902-343

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201902-343

PATCH

title:	HT209522 Apple Security update	url:	https://support.apple.com/en-us/HT209522	Trust: 0.8
title:	Apple iOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89157	Trust: 0.6
title:	plataoplomo	url:	https://github.com/userlandkernel/plataoplomo	Trust: 0.1

sources: VULMON: CVE-2019-7289 // JVNDB: JVNDB-2019-016877 // CNNVD: CNNVD-201902-343

EXTERNAL IDS

db:	NVD	id:	CVE-2019-7289	Trust: 3.8
db:	BID	id:	106957	Trust: 0.9
db:	PACKETSTORM	id:	151576	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-016877	Trust: 0.8
db:	CNNVD	id:	CNNVD-201902-343	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.0390	Trust: 0.6
db:	VULHUB	id:	VHN-158724	Trust: 0.1
db:	VULMON	id:	CVE-2019-7289	Trust: 0.1

sources: VULHUB: VHN-158724 // VULMON: CVE-2019-7289 // BID: 106957 // JVNDB: JVNDB-2019-016877 // PACKETSTORM: 151576 // CNNVD: CNNVD-201902-343 // NVD: CVE-2019-7289

REFERENCES

url:	https://support.apple.com/ht209522	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-7289	Trust: 1.5
url:	https://packetstormsecurity.com/files/151576/apple-security-advisory-2019-2-07-3.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/75258	Trust: 0.6
url:	http://www.securityfocus.com/bid/106957	Trust: 0.6
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://support.apple.com/en-us/ht209522	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/userlandkernel/plataoplomo	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-7290	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1

sources: VULHUB: VHN-158724 // VULMON: CVE-2019-7289 // BID: 106957 // JVNDB: JVNDB-2019-016877 // PACKETSTORM: 151576 // CNNVD: CNNVD-201902-343 // NVD: CVE-2019-7289

CREDITS

Sem Voigtl?¤nder from Fontys Hogeschool ICT and Avimanyu Roy (@AvimanyuRoy3).,Fontys Hogeschool ICT of Sem Voigtl?nder

Trust: 0.6

sources: CNNVD: CNNVD-201902-343

SOURCES

db:	VULHUB	id:	VHN-158724
db:	VULMON	id:	CVE-2019-7289
db:	BID	id:	106957
db:	JVNDB	id:	JVNDB-2019-016877
db:	PACKETSTORM	id:	151576
db:	CNNVD	id:	CNNVD-201902-343
db:	NVD	id:	CVE-2019-7289

LAST UPDATE DATE

2024-11-23T22:11:45.196000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-158724	date:	2020-08-24T00:00:00
db:	VULMON	id:	CVE-2019-7289	date:	2020-08-24T00:00:00
db:	BID	id:	106957	date:	2019-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-016877	date:	2024-07-19T04:39:00
db:	CNNVD	id:	CNNVD-201902-343	date:	2020-08-25T00:00:00
db:	NVD	id:	CVE-2019-7289	date:	2024-11-21T04:47:56.150

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-158724	date:	2019-12-18T00:00:00
db:	VULMON	id:	CVE-2019-7289	date:	2019-12-18T00:00:00
db:	BID	id:	106957	date:	2019-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-016877	date:	2024-07-19T00:00:00
db:	PACKETSTORM	id:	151576	date:	2019-02-07T18:32:22
db:	CNNVD	id:	CNNVD-201902-343	date:	2019-02-07T00:00:00
db:	NVD	id:	CVE-2019-7289	date:	2019-12-18T18:15:22.207