{"api_version":"1","generated_at":"2026-04-23T03:25:54+00:00","cve":"CVE-2021-30966","urls":{"html":"https://cve.report/CVE-2021-30966","api":"https://cve.report/api/cve/CVE-2021-30966.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-30966","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-30966"},"summary":{"title":"CVE-2021-30966","description":"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2021-08-24 19:15:00","updated_at":"2023-11-07 03:34:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT212976","name":"https://support.apple.com/en-us/HT212976","refsource":"MISC","tags":[],"title":"About the security content of iOS 15.2 and iPadOS 15.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT212980","name":"https://support.apple.com/en-us/HT212980","refsource":"","tags":[],"title":"About the security content of tvOS 15.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT212975","name":"https://support.apple.com/en-us/HT212975","refsource":"MISC","tags":[],"title":"About the security content of watchOS 8.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT212978","name":"https://support.apple.com/en-us/HT212978","refsource":"","tags":[],"title":"About the security content of macOS Monterey 12.1 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-30966","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30966","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"30966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"30966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-30966","qid":"376180","title":"Apple MacOS Monterey 12.1 Not Installed (HT212978)"},{"cve":"CVE-2021-30966","qid":"610393","title":"Apple iOS 15.2 and iPadOS 15.2 Security Update Missing"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-30966","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"watchOS","version":{"version_data":[{"version_affected":"<","version_value":"8.3"}]}},{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_value":"15.2"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"12.1"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_value":"15.2"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"User traffic might unexpectedly be leaked to a proxy server despite PAC configurations"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212975","name":"https://support.apple.com/en-us/HT212975"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212976","name":"https://support.apple.com/en-us/HT212976"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212978","name":"https://support.apple.com/en-us/HT212978"},{"refsource":"MISC","url":"https://support.apple.com/en-us/HT212980","name":"https://support.apple.com/en-us/HT212980"}]},"description":{"description_data":[{"lang":"eng","value":"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations."}]}},"nvd":{"publishedDate":"2021-08-24 19:15:00","lastModifiedDate":"2023-11-07 03:34:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"8.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"15.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"30966","Ordinal":"206244","Title":"CVE-2021-30966","CVE":"CVE-2021-30966","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"30966","Ordinal":"1","NoteData":"A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"30966","Ordinal":"2","NoteData":"2021-08-24","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"30966","Ordinal":"3","NoteData":"2021-12-23","Type":"Other","Title":"Modified"}]}}}