CVE Vulnerabilities

CVE-2015-5920

Published: Sep 18, 2015 | Modified: Dec 22, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Itunes Apple * 12.2

References