Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAppleCVELIST:CVE-2023-28182
HistoryMay 08, 2023 - 12:00 a.m.

CVE-2023-28182

2023-05-0800:00:00
apple
www.cve.org
2
macos ventura 13.3
ios 16.4
ipados 16.4
ios 15.7.4
ipados 15.7.4
macos monterey 12.6.4
macos big sur 11.7.5
vpn server
eap-only authentication

AI Score

6.4

Confidence

Low

EPSS

0.002

Percentile

56.6%

JSON

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "13.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "16.4",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "12.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "11.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "15.7",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 1
cve 1
prion 1
apple 5
nessus 3
openvas 3
nvd
nvd
CVE-2023-28182
2023-05-08 20:15:19
cve
cve
CVE-2023-28182
2023-05-08 20:15:19
prion
prion
Authentication flaw
2023-05-08 20:15:00
apple
apple
About the security content of iOS 15.7.4 and iPadOS 15.7.4
2023-03-27 00:00:00
About the security content of macOS Big Sur 11.7.5
2023-03-27 00:00:00
About the security content of macOS Monterey 12.6.4
2023-03-27 00:00:00
nessus
nessus
macOS 11.x < 11.7.5 Multiple Vulnerabilities (HT213675)
2023-03-27 00:00:00
macOS 12.x < 12.6.4 Multiple Vulnerabilities (HT213677)
2023-03-27 00:00:00
macOS 13.x < 13.3 Multiple Vulnerabilities (HT213670)
2023-03-27 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT213675)
2023-03-29 00:00:00
Apple Mac OS X Security Update (HT213677)
2023-03-29 00:00:00
Apple Mac OS X Security Update (HT213670)
2023-03-29 00:00:00

AI Score

6.4

Confidence

Low

EPSS

0.002

Percentile

56.6%

JSON
Related for CVELIST:CVE-2023-28182
nvd1cve1prion1apple5nessus3openvas3