Lucene search
AppleCVE-2023-42923HistoryDec 12, 2023 - 1:15 a.m.
CVE-2023-42923
2023-12-1201:15:12
apple
web.nvd.nist.gov
26
ios
ipados
cve-2023-42923
nvd
security
authentication
state management
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
17.0%
This issue was addressed through improved state management. This issue is fixed in iOS 17.2 and iPadOS 17.2. Private Browsing tabs may be accessed without authentication.
Affected configurations
Node
appleipadosRange<17.2
ORappleiphone_osRange<17.2
CNA Affected
[
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "17.2",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-42923
2023-12-12 00:27:06
nvd
nvd
CVE-2023-42923
2023-12-12 01:15:12
prion
prion
Authentication flaw
2023-12-12 01:15:00
apple
apple
About the security content of iOS 17.2 and iPadOS 17.2
2023-12-11 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for CVE-2023-42923