CVE-2022-32928
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
43.7%
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able to intercept mail credentials.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:iphone_os | apple iphone os | lt | 16.0 |
| apple:macos | apple macos | lt | 13.0 |
| apple:watchos | apple watchos | lt | 9.0 |
CNA Affected
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"lessThan": "13",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"lessThan": "16",
"status": "affected",
"versionType": "custom"
}
]
},
{
"vendor": "Apple",
"product": "watchOS",
"versions": [
{
"version": "unspecified",
"lessThan": "9",
"status": "affected",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.4 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
43.7%