Unrated severityNVD Advisory· Published Sep 18, 2015· Updated Jun 17, 2026
CVE-2015-5920
CVE-2015-5920
Description
The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, which allows man-in-the-middle attackers to discover encrypted SMB credentials via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=12.2
- (no CPE)range: <12.3
Patches
Vulnerability mechanics
References
3- lists.apple.com/archives/security-announce/2015/Sep/msg00003.htmlnvdVendor Advisory
- support.apple.com/HT205221nvdVendor Advisory
- www.securitytracker.com/id/1033617nvd
News mentions
0No linked articles in our index yet.