Details of VAR-202109-0347

ID

VAR-202109-0347

CVE

CVE-2021-1833

TITLE

iOS and iPadOS Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-013495

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to gain elevated privileges. iOS and iPadOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2021-1833 // JVNDB: JVNDB-2021-013495 // VULHUB: VHN-376493 // VULMON: CVE-2021-1833

AFFECTED PRODUCTS

vendor:	apple	model:	ipados	scope:	lt	version:	14.5	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	14.5	Trust: 1.0
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-013495 // NVD: CVE-2021-1833

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1833
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1833
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202109-393
value:	HIGH
Trust: 0.6
VULHUB:	VHN-376493
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-1833
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-1833
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-376493
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1833
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2021-1833
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-376493 // VULMON: CVE-2021-1833 // JVNDB: JVNDB-2021-013495 // CNNVD: CNNVD-202109-393 // NVD: CVE-2021-1833

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-013495 // NVD: CVE-2021-1833

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202109-393

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202109-393

PATCH

title:	HT212317 Apple Security update	url:	https://support.apple.com/en-us/HT212317	Trust: 0.8
title:	Apple iOS and Apple iPadOS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=162754	Trust: 0.6

sources: JVNDB: JVNDB-2021-013495 // CNNVD: CNNVD-202109-393

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1833	Trust: 3.4
db:	JVNDB	id:	JVNDB-2021-013495	Trust: 0.8
db:	CNNVD	id:	CNNVD-202109-393	Trust: 0.6
db:	VULHUB	id:	VHN-376493	Trust: 0.1
db:	VULMON	id:	CVE-2021-1833	Trust: 0.1

sources: VULHUB: VHN-376493 // VULMON: CVE-2021-1833 // JVNDB: JVNDB-2021-013495 // CNNVD: CNNVD-202109-393 // NVD: CVE-2021-1833

REFERENCES

url:	https://support.apple.com/en-us/ht212317	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1833	Trust: 1.4
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-376493 // VULMON: CVE-2021-1833 // JVNDB: JVNDB-2021-013495 // CNNVD: CNNVD-202109-393 // NVD: CVE-2021-1833

SOURCES

db:	VULHUB	id:	VHN-376493
db:	VULMON	id:	CVE-2021-1833
db:	JVNDB	id:	JVNDB-2021-013495
db:	CNNVD	id:	CNNVD-202109-393
db:	NVD	id:	CVE-2021-1833

LAST UPDATE DATE

2024-08-14T14:55:48.790000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-376493	date:	2021-09-15T00:00:00
db:	VULMON	id:	CVE-2021-1833	date:	2021-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-013495	date:	2022-09-14T07:03:00
db:	CNNVD	id:	CNNVD-202109-393	date:	2021-09-17T00:00:00
db:	NVD	id:	CVE-2021-1833	date:	2021-09-15T13:46:21.460

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-376493	date:	2021-09-08T00:00:00
db:	VULMON	id:	CVE-2021-1833	date:	2021-09-08T00:00:00
db:	JVNDB	id:	JVNDB-2021-013495	date:	2022-09-14T00:00:00
db:	CNNVD	id:	CNNVD-202109-393	date:	2021-09-08T00:00:00
db:	NVD	id:	CVE-2021-1833	date:	2021-09-08T15:15:10.517