CVE-2016-4642

CVE Database · CVE-2016-4642

CVE-2016-4642

· N/AModified

CVSS v3.1

N/A

EPSS

1.34%

Published

Jan 11, 2019

Modified

Nov 20, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This issue was addressed through improved warnings.

Weaknesses (CWE)

CWE-254

Affected Products (3)

apple · apple_tv (up to 9.2.2)vulnerable

apple · iphone_os (up to 9.3.3)vulnerable

apple · mac_os (up to 10.11.6)vulnerable

References (6)

https://support.apple.com/HT206902

Vendor Advisory

https://support.apple.com/HT206903

Vendor Advisory

https://support.apple.com/HT206905

Vendor Advisory

https://support.apple.com/HT206902

Vendor Advisory

https://support.apple.com/HT206903

Vendor Advisory

https://support.apple.com/HT206905

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs