Lucene search

[email protected]NVD:CVE-2023-42857

HistoryOct 25, 2023 - 7:15 p.m.

CVE-2023-42857

2023-10-2519:15:10

CWE-532

[email protected]

web.nvd.nist.gov

privacy issue

data redaction

macos sonoma

ios 17.1

ipados 17.1

sensitive data access

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

2.7 Low

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.2%

JSON

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Affected configurations

NVD

Node

appleipadosRange<17.1

appleiphone_osRange<17.1

applemacosRange14.0–14.1

References

seclists.org/fulldisclosure/2023/Oct/19

seclists.org/fulldisclosure/2023/Oct/24

support.apple.com/en-us/HT213982

support.apple.com/en-us/HT213984

support.apple.com/kb/HT213982

support.apple.com/kb/HT213984

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

2.7 Low

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.2%

JSON

Related for NVD:CVE-2023-42857

prion1 cve1 cvelist1 apple2 openvas1 nessus1