Vulnerabilities > CVE-2019-8779 - Exposure of Resource to Wrong Sphere vulnerability in Apple Ipados and Iphone OS

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
apple
CWE-668

Summary

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions. This issue is fixed in iOS 13.1.1 and iPadOS 13.1.1. Third party app extensions may not receive the correct sandbox restrictions.

Vulnerable Configurations

Part Description Count
OS
Apple
195

Common Weakness Enumeration (CWE)