Vulnerabilities > CVE-2020-9781 - Improper Preservation of Permissions vulnerability in Apple Ipados and Iphone OS

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
apple
CWE-281

Summary

The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn't intend to.

Vulnerable Configurations

Part Description Count
OS
Apple
210

Common Weakness Enumeration (CWE)