CVE-2019-8632

EPSS 1.3%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

18 Dec 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data.

Affected products

Apple · Texture-Android Apple · Texture-iOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.apple.com/HT210110 https://support.apple.com/HT210111 https://www.info-sec.ca/advisories/Texture.html