SB2014031415 - Permissions, Privileges, and Access Controls in Apple tvOS
Published: March 14, 2014 Updated: August 10, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2014-1279)
CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
Apple TV before 6.1 does not properly restrict logging, which allows local users to obtain sensitive information by reading log data.
Remediation
Install update from vendor's website.