cve-2021-30966
Vulnerability from cvelistv5
Published
2021-08-24 18:51
Modified
2024-08-03 22:48
Severity ?
EPSS score ?
Summary
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:48:14.283Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT212975" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT212976" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT212978" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT212980" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "watchOS", "vendor": "Apple", "versions": [ { "lessThan": "8.3", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "iOS and iPadOS", "vendor": "Apple", "versions": [ { "lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "macOS", "vendor": "Apple", "versions": [ { "lessThan": "12.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] }, { "product": "macOS", "vendor": "Apple", "versions": [ { "lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations." } ], "problemTypes": [ { "descriptions": [ { "description": "User traffic might unexpectedly be leaked to a proxy server despite PAC configurations", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-23T20:02:06", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT212975" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT212976" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT212978" }, { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT212980" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2021-30966", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "watchOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "8.3" } ] } }, { "product_name": "iOS and iPadOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.2" } ] } }, { "product_name": "macOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "12.1" } ] } }, { "product_name": "macOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.2" } ] } } ] }, "vendor_name": "Apple" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "User traffic might unexpectedly be leaked to a proxy server despite PAC configurations" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/en-us/HT212975", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212975" }, { "name": "https://support.apple.com/en-us/HT212976", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212976" }, { "name": "https://support.apple.com/en-us/HT212978", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212978" }, { "name": "https://support.apple.com/en-us/HT212980", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212980" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2021-30966", "datePublished": "2021-08-24T18:51:05", "dateReserved": "2021-04-13T00:00:00", "dateUpdated": "2024-08-03T22:48:14.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-30966\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2021-08-24T19:15:22.527\",\"lastModified\":\"2023-11-07T03:34:05.993\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.\"},{\"lang\":\"es\",\"value\":\"Se abord\u00f3 un problema l\u00f3gico con una administraci\u00f3n de estado mejorada.\u0026#xa0;Este problema es corregido en macOS Monterey versi\u00f3n 12.1, watchOS versi\u00f3n 8.3, iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2, tvOS versi\u00f3n 15.2.\u0026#xa0;El tr\u00e1fico de usuarios puede filtrarse no esperadamente a un servidor proxy a pesar de las configuraciones de PAC\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"CCE4E546-A0DD-4E9E-A6B9-C19B04D77466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"7FB904C1-43D1-4583-8729-5D1B1746A54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.1\",\"matchCriteriaId\":\"88111C46-3A34-4814-B892-71EB5A9B6743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"16CAE2FB-FADC-4BF4-9115-D20D365051BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3\",\"matchCriteriaId\":\"7A7245FB-6FBE-4C09-80F5-18504CA623B3\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT212975\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212978\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212980\",\"source\":\"product-security@apple.com\"}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.