Vulnerability Database

296,224

Total vulnerabilities in the database

CVE-2015-5920

The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors.

  • Published: Sep 18, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-5920
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
apple / itunes - 12.2.x