CVE-2020-27895

Low

3.3/10

Summary

An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

References

Advisory Timeline

Published Dec 08, 2020

CVE-2020-27895

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS