CVEs-PoC/2021/CVE-2021-30823.md

### [CVE-2021-30823](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30823)
![](https://img.shields.io/static/v1?label=Product&message=Safari&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=iOS%20and%20iPadOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=macOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=An%20attacker%20in%20a%20privileged%20network%20position%20may%20be%20able%20to%20bypass%20HSTS&color=brightgreen)

### Description

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.0.1, iOS 14.8 and iPadOS 14.8, tvOS 15, Safari 15, watchOS 8. An attacker in a privileged network position may be able to bypass HSTS.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon