Lucene search
AppleCVE-2024-23219HistoryJan 23, 2024 - 1:15 a.m.
CVE-2024-23219
2024-01-2301:15:11
CWE-287
apple
web.nvd.nist.gov
32
20
cve-2024-23219
authentication improvement
ios 17.3
ipados 17.3
stolen device protection
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
5.6
Confidence
High
EPSS
0
Percentile
15.5%
The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled.
Affected configurations
Node
appleipadosRange<17.3
ORappleiphone_osRange<17.3
CNA Affected
[
{
"vendor": "Apple",
"product": "iOS and iPadOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "17.3",
"versionType": "custom"
}
]
}
]Social References
More
Related
prion
prion
Authentication flaw
2024-01-23 01:15:00
cvelist
cvelist
CVE-2024-23219
2024-01-23 00:25:31
nvd
nvd
CVE-2024-23219
2024-01-23 01:15:11
apple
apple
About the security content of iOS 17.3 and iPadOS 17.3
2024-01-22 00:00:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
5.6
Confidence
High
EPSS
0
Percentile
15.5%
Related for CVE-2024-23219