CVE-2021-30988: Medium severity apple ios and ipados vulnerability

Q: What is the vulnerability ID of this issue?

The vulnerability ID is CVE-2021-30988.

Q: What is the severity of CVE-2021-30988?

The severity of CVE-2021-30988 is medium with a CVSS score of 5.5.

Q: How can this vulnerability be exploited?

This vulnerability can be exploited by a malicious application to identify what other applications a user has installed.

Q: Which versions of iOS and iPadOS are affected by this vulnerability?

iOS and iPadOS versions up to exclusive 15.2 are affected by this vulnerability.

Q: How can I fix CVE-2021-30988?

You can fix CVE-2021-30988 by updating your iOS or iPadOS device to version 15.2 or later.

Published Aug 24, 2021

Updated

Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to identify what other applications a user has installed.

Other sources

NetworkExtension. Description: A permissions issue was addressed with improved validation.

Credit

Denis Tokarev@@illusionofcha0s

Affected Software

4 affected componentsFixes available

Apple iOS and iPadOS<15.2

15.2

Apple iOS, iPadOS, and macOS<15.2

15.2

Apple iOS, iPadOS, and macOS<15.2

iPhone OS<15.2

Event History

Aug 24, 2021

CVE Published

via MITRE·06:51 PM

Data Sourced

via MITRE·06:51 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT212976

Frequently Asked Questions

What is the vulnerability ID of this issue?

The vulnerability ID is CVE-2021-30988.

What is the severity of CVE-2021-30988?

The severity of CVE-2021-30988 is medium with a CVSS score of 5.5.

How can this vulnerability be exploited?

This vulnerability can be exploited by a malicious application to identify what other applications a user has installed.

Which versions of iOS and iPadOS are affected by this vulnerability?