FKIE_CVE-2019-8550

Vulnerability from fkie_nvd - Published: 2019-12-18 18:15 - Updated: 2024-11-21 04:50
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing.
References
product-security@apple.comhttps://support.apple.com/HT209599Vendor Advisory
product-security@apple.comhttps://support.apple.com/HT209600Vendor Advisory
product-security@apple.comhttps://support.apple.com/HT209602Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT209599Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT209600Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.apple.com/HT209602Vendor Advisory
Impacted products
Vendor Product Version
apple iphone_os *
apple mac_os_x *
apple mac_os_x *
apple mac_os_x *
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.12.6
apple mac_os_x 10.13.6
apple mac_os_x 10.13.6
apple mac_os_x 10.13.6
apple mac_os_x 10.13.6
apple watchos *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1531E802-5419-4B38-8C0C-BDCBC272648F",
              "versionEndExcluding": "12.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3003F5-F330-48A9-A4E3-FC97BEEE5FB8",
              "versionEndExcluding": "10.12.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "760AE295-2E39-4DA3-A384-01A5D4A131AD",
              "versionEndExcluding": "10.13.6",
              "versionStartIncluding": "10.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5696410-01B4-4ED3-8D76-95139236F5CF",
              "versionEndExcluding": "10.14.4",
              "versionStartIncluding": "10.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "6536473A-2ECF-4806-AC02-2386552BEAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2017-001:*:*:*:*:*:*",
              "matchCriteriaId": "B8EFC700-879E-4C5C-8A21-064114E9D7B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-001:*:*:*:*:*:*",
              "matchCriteriaId": "FDC975B8-5808-4D2B-A9FF-445A7D7A33FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-002:*:*:*:*:*:*",
              "matchCriteriaId": "46E55B34-EF29-48F9-8248-CA2CB4960C2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-003:*:*:*:*:*:*",
              "matchCriteriaId": "21364751-F80E-46BA-AF76-C8B1689F426D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-004:*:*:*:*:*:*",
              "matchCriteriaId": "60EF4C45-05E2-498C-8245-45871BBF8A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-005:*:*:*:*:*:*",
              "matchCriteriaId": "9E029E9E-E01B-4995-B7FA-286A0C667A54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2018-006:*:*:*:*:*:*",
              "matchCriteriaId": "8F352467-BBDC-4A1A-8BF0-0DA2F762DBFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-001:*:*:*:*:*:*",
              "matchCriteriaId": "4353B3DF-2371-4A6F-9FF8-2CC3EF7DC4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "297D2D0C-EA9D-4B2C-9357-D88DB6C7143A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:*",
              "matchCriteriaId": "0D845143-1B4D-478B-B83E-8F1664CBCAC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:*",
              "matchCriteriaId": "23C6DF6A-9A30-4F9E-BD9C-C19D8551C6DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:*",
              "matchCriteriaId": "754A2DF4-8724-4448-A2AB-AC5442029CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8962A4FE-AE67-421E-9635-B03E2EBCDF19",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user\u2019s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing."
    },
    {
      "lang": "es",
      "value": "Hubo un problema en la pausa del video FaceTime. El problema se resolvi\u00f3 con una l\u00f3gica mejorada. Este problema se soluciona en iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. El video de un usuario no puede pausarse en una llamada de FaceTime si sale de la aplicaci\u00f3n FaceTime mientras la llamada est\u00e1 sonando."
    }
  ],
  "id": "CVE-2019-8550",
  "lastModified": "2024-11-21T04:50:03.080",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-12-18T18:15:25.473",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209599"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209600"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209602"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT209602"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-459"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.