Details of VAR-201912-0456

ID

VAR-201912-0456

CVE

CVE-2019-7290

TITLE

apple's iPhone OS for Shortcuts Vulnerability in externally controllable references to resources in another region of

Trust: 0.8

sources: JVNDB: JVNDB-2019-016878

DESCRIPTION

An access issue was addressed with additional sandbox restrictions. This issue is fixed in Shortcuts 2.1.3 for iOS. A sandboxed process may be able to circumvent sandbox restrictions. apple's iPhone OS for Shortcuts Exists in a vulnerability in externally controllable references to resources in another region.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Apple iOS is prone to the following vulnerabilities: 1. An information-disclosure vulnerability. 2. A security-bypass vulnerability Attackers can exploit these issues to gain sensitive information and to bypass security mechanisms. This may aid in further attacks. Apple Shortcuts version 2.1.2 is vulnerable. A security vulnerability exists in Apple Shortcuts versions prior to 2.1.3 based on the iOS platform. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-2-07-3 Shortcuts 2.1.3 for iOS Shortcuts 2.1.3 for iOS is now available and addresses the following: Shortcuts Available for: Shortcuts 2.1.2 for iOS Impact: A local user may be able to view senstive user information Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2019-7290: Avimanyu Roy (@AvimanyuRoy3) Additional recognition Shortcuts We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool ICT for their assistance. Installation note: Shortcuts 2.1.3 for iOS may be obtained from the App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlxcZmopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HU4A/8 DI/d6q1a4C0x7/T/XBDc4WsuvOFa5mmaTicKE24CRJjDjb2c11ZOtIeeBF7HBJVx 5+326g+3y1J7wAPT1o5btQQv0SNxVaDuJUa8hNUrheg+LpQ5dEzVY50X+lMJ9etE gjyyZWrzWMSXvuHj+CrXRuK1BXZQCWZzOXIPfVOYqH3eBao0ld4NaQdtviUctNla wgiLZ+33fVFJm1MjtdcjxOhKd54GVGUnKN338YhnFQfIjEZA7zeOvKlzb77ZqDZx JxpuVIpkv4OvWX0Xg+u0iYALEbJDr75vk3YUjuKHCWENdJM9Eka64yVxdGc7C9/E vpAKwVaWcgCJuDexaqwt/ht1AclMVzORPSYtU0A1HxyVR3kEUVjAWAuANjakB/Zn CDerYQiTOyFSZIvitkrunQmb65iXMjjYgznnTjAxv1kkil5uAz56L+jJ0C/CNw4y kzsQnrKbxyTNJ/qYzPaEJChsZ7FSWakBUJZ62hQzRaQnXgGZ8UyfyL9cRS5NUaO5 Yd0FaQk7UWCsbFzePHTlSbA5GedweJ6cXcoBst/WdpGP+81ZnvQMhbEJvxXwmKP1 xpq0PhAWRFBQFtWowhVE7fKLQj9zqao86eSebKK1Tc9VfnFNUmTQjyQo2HpdQtnC eW17D5S5FBaov6WyxASP5Wmi8xJsmgWP4OomprfSbNQ= =BI6A -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2019-7290 // JVNDB: JVNDB-2019-016878 // BID: 106957 // VULHUB: VHN-158725 // VULMON: CVE-2019-7290 // PACKETSTORM: 151576

AFFECTED PRODUCTS

vendor:	apple	model:	shortcuts	scope:	lt	version:	2.1.3	Trust: 1.0
vendor:	アップル	model:	shortcuts	scope:	eq	version:	2.1.3	Trust: 0.8
vendor:	アップル	model:	shortcuts	scope:	eq	version:	-	Trust: 0.8
vendor:	apple	model:	shortcuts	scope:	eq	version:	2.1.2	Trust: 0.3
vendor:	apple	model:	shortcuts	scope:	ne	version:	2.1.3	Trust: 0.3

sources: BID: 106957 // JVNDB: JVNDB-2019-016878 // NVD: CVE-2019-7290

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-7290
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2019-7290
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201902-339
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-158725
value:	HIGH
Trust: 0.1
VULMON:	CVE-2019-7290
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-7290
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-158725
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-7290
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2019-7290
baseSeverity:	CRITICAL
baseScore:	10.0
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-158725 // VULMON: CVE-2019-7290 // JVNDB: JVNDB-2019-016878 // CNNVD: CNNVD-201902-339 // NVD: CVE-2019-7290

PROBLEMTYPE DATA

problemtype:	CWE-610	Trust: 1.1
problemtype:	Externally controllable reference to another region resource (CWE-610) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-158725 // JVNDB: JVNDB-2019-016878 // NVD: CVE-2019-7290

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-339

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201902-339

PATCH

title:	HT209522 Apple Security update	url:	https://support.apple.com/en-us/HT209522	Trust: 0.8
title:	Apple iOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89153	Trust: 0.6

sources: JVNDB: JVNDB-2019-016878 // CNNVD: CNNVD-201902-339

EXTERNAL IDS

db:	NVD	id:	CVE-2019-7290	Trust: 3.8
db:	BID	id:	106957	Trust: 0.9
db:	JVNDB	id:	JVNDB-2019-016878	Trust: 0.8
db:	CNNVD	id:	CNNVD-201902-339	Trust: 0.7
db:	PACKETSTORM	id:	151576	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.0390	Trust: 0.6
db:	VULHUB	id:	VHN-158725	Trust: 0.1
db:	VULMON	id:	CVE-2019-7290	Trust: 0.1

sources: VULHUB: VHN-158725 // VULMON: CVE-2019-7290 // BID: 106957 // JVNDB: JVNDB-2019-016878 // PACKETSTORM: 151576 // CNNVD: CNNVD-201902-339 // NVD: CVE-2019-7290

REFERENCES

url:	https://support.apple.com/ht209522	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-7290	Trust: 1.5
url:	https://packetstormsecurity.com/files/151576/apple-security-advisory-2019-2-07-3.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/75258	Trust: 0.6
url:	http://www.securityfocus.com/bid/106957	Trust: 0.6
url:	https://www.apple.com/	Trust: 0.3
url:	http://www.apple.com/ios/	Trust: 0.3
url:	https://support.apple.com/en-us/ht209522	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/610.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://seclists.org/fulldisclosure/2019/feb/24	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-7289	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1

sources: VULHUB: VHN-158725 // VULMON: CVE-2019-7290 // BID: 106957 // JVNDB: JVNDB-2019-016878 // PACKETSTORM: 151576 // CNNVD: CNNVD-201902-339 // NVD: CVE-2019-7290

CREDITS

Avimanyu Roy (@AvimanyuRoy3),Sem Voigtl?¤nder from Fontys Hogeschool ICT and Avimanyu Roy (@AvimanyuRoy3).

Trust: 0.6

sources: CNNVD: CNNVD-201902-339

SOURCES

db:	VULHUB	id:	VHN-158725
db:	VULMON	id:	CVE-2019-7290
db:	BID	id:	106957
db:	JVNDB	id:	JVNDB-2019-016878
db:	PACKETSTORM	id:	151576
db:	CNNVD	id:	CNNVD-201902-339
db:	NVD	id:	CVE-2019-7290

LAST UPDATE DATE

2024-11-23T22:11:45.234000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-158725	date:	2019-12-31T00:00:00
db:	VULMON	id:	CVE-2019-7290	date:	2019-12-31T00:00:00
db:	BID	id:	106957	date:	2019-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-016878	date:	2024-07-19T04:41:00
db:	CNNVD	id:	CNNVD-201902-339	date:	2020-01-02T00:00:00
db:	NVD	id:	CVE-2019-7290	date:	2024-11-21T04:47:56.273

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-158725	date:	2019-12-18T00:00:00
db:	VULMON	id:	CVE-2019-7290	date:	2019-12-18T00:00:00
db:	BID	id:	106957	date:	2019-02-07T00:00:00
db:	JVNDB	id:	JVNDB-2019-016878	date:	2024-07-19T00:00:00
db:	PACKETSTORM	id:	151576	date:	2019-02-07T18:32:22
db:	CNNVD	id:	CNNVD-201902-339	date:	2019-02-07T00:00:00
db:	NVD	id:	CVE-2019-7290	date:	2019-12-18T18:15:22.287