CVE-2017-7147

CVE Database · CVE-2017-7147

CVE-2017-7147

· N/AModified

CVSS v3.1

N/A

EPSS

0.92%

Published

Oct 22, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is affected. The issue involves the "Analytics" component. It allows remote attackers to obtain sensitive analytics information by leveraging its presence in a cleartext HTTP transmission to an Adobe Marketing Cloud server operated for Apple, as demonstrated by information about the installation date and time.

Weaknesses (CWE)

CWE-319

Affected Products (2)

apple · apple_supportvulnerable

apple · iphone_os

References (6)

http://www.securityfocus.com/bid/101533

Third Party AdvisoryVDB Entry

https://support.apple.com/HT208201

Vendor Advisory

https://www.info-sec.ca/advisories/Apple-Support.html

Third Party Advisory