CVE-2018-4227

EUVD-2018-16013
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
𝑥
< 11.4
applemac_os_x
𝑥
< 10.13.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/104897
http://www.securitytracker.com/id/1041027
https://efail.de/#cve
https://support.apple.com/HT208848
https://support.apple.com/HT208849
http://www.securityfocus.com/bid/104897
http://www.securitytracker.com/id/1041027
https://efail.de/#cve
https://support.apple.com/HT208848
https://support.apple.com/HT208849