Vulnerability Description
An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection mechanism, and consequently obtain sensitive information about visited web sites.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | <= 10.1.2 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100996Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039384Third Party AdvisoryVDB Entry
- https://support.apple.com/HT208116Vendor Advisory
- http://www.securityfocus.com/bid/100996Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039384Third Party AdvisoryVDB Entry
- https://support.apple.com/HT208116Vendor Advisory
FAQ
What is CVE-2017-7142?
CVE-2017-7142 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An issue was discovered in certain Apple products. Safari before 11 is affected. The issue involves the "WebKit Storage" component. It allows attackers to bypass the Safari Private Browsing protection...
How severe is CVE-2017-7142?
CVE-2017-7142 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-7142?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Safari.