The host is installed with Apple iTunes before 12.10.3 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly handle configuration issue. Successful exploitation allows an attacker in a privileged network position to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.