CVE-2017-7144

EUVD-2017-16182
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to track Safari Private Browsing users by leveraging cookie mishandling.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
Affected Products (NVD)
VendorProductVersion
applesafari
𝑥
≤ 10.1.2
appleiphone_os
𝑥
≤ 10.3.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100991
http://www.securitytracker.com/id/1039384
http://www.securitytracker.com/id/1039427
https://support.apple.com/HT208112
https://support.apple.com/HT208116
http://www.securityfocus.com/bid/100991
http://www.securitytracker.com/id/1039384
http://www.securitytracker.com/id/1039427
https://support.apple.com/HT208112
https://support.apple.com/HT208116