This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
References
Link | Resource |
---|---|
https://support.apple.com/en-us/HT213472 | Vendor Advisory |
Configurations
History
09 Mar 2023, 15:52
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:apple:music:3.5.0:*:*:*:*:android:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
References | (MISC) https://support.apple.com/en-us/HT213472 - Vendor Advisory | |
First Time |
Apple music
Apple |
27 Feb 2023, 20:25
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-27 20:15
Updated : 2023-12-10 14:48
NVD link : CVE-2021-46841
Mitre link : CVE-2021-46841
CVE.ORG link : CVE-2021-46841
JSON object : View
Products Affected
apple
- music
CWE