CVE-2018-4110: Critical severity apple ios and ipados vulnerability

Q: What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2018-4110.

Q: What is the severity of CVE-2018-4110?

CVE-2018-4110 has a severity rating of 9.8 (Critical).

Q: Which Apple products are affected by CVE-2018-4110?

iOS before version 11.3 is affected by CVE-2018-4110.

Q: What is the impact of CVE-2018-4110?

CVE-2018-4110 allows remote attackers to bypass intended restrictions on cookie persistence.

Q: Is there a fix available for CVE-2018-4110?

Yes, a fix is available. Users should update to iOS version 11.3 or later.

Published Mar 29, 2018

Updated

Web App. A cookie management issue was addressed with improved state management.

Other sources

An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "Web App" component. It allows remote attackers to bypass intended restrictions on cookie persistence.

Credit

Ben Compton, Jason Colley(Cerner Corporation)

Affected Software

2 affected componentsFixes available

Apple iOS and iPadOS<11.3

11.3

iPhone OS<11.3

Event History

Apr 3, 2018

CVE Published

via MITRE·06:00 AM

Data Sourced

via MITRE·06:00 AM

Description

Parent advisories

This vulnerability appears in the following advisories.

HT208693

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID of this issue is CVE-2018-4110.

What is the severity of CVE-2018-4110?

CVE-2018-4110 has a severity rating of 9.8 (Critical).

Which Apple products are affected by CVE-2018-4110?

iOS before version 11.3 is affected by CVE-2018-4110.

What is the impact of CVE-2018-4110?