CVE-2018-4244

{"id": "CVE-2018-4244", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.6, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 0.9}]}, "published": "2018-06-08T18:29:02.587", "references": [{"url": "http://www.securitytracker.com/id/1041031", "tags": ["Third Party Advisory", "VDB Entry"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/HT208848", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://www.securitytracker.com/id/1041031", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/HT208848", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the \"Siri Contacts\" component. It allows physically proximate attackers to discover private contact information via Siri."}, {"lang": "es", "value": "Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4 se han visto afectadas. El problema afecta al componente \"Siri Contacts\". Permite que atacantes pr\u00f3ximos f\u00edsicamente descubran informaci\u00f3n privada de contactos mediante Siri."}], "lastModified": "2024-11-21T04:07:02.757", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "618A2297-91F6-4533-B345-1620635CDA93", "versionEndExcluding": "11.4"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}