CVE-2022-32854

{"id": "CVE-2022-32854", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-09-20T21:15:10.663", "references": [{"url": "http://seclists.org/fulldisclosure/2022/Oct/39", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/40", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/45", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/49", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213443", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213445", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213446", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT213486", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/39", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/40", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/45", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2022/Oct/49", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT213443", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT213445", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT213446", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/kb/HT213486", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences."}, {"lang": "es", "value": "Este problema se abord\u00f3 con comprobaciones mejoradas. Este problema es corregido en iOS versi\u00f3n 15.7 y iPadOS versi\u00f3n 15.7, iOS versi\u00f3n 16, macOS Big Sur versi\u00f3n 11.7. Una aplicaci\u00f3n puede omitir las preferencias de Privacidad"}], "lastModified": "2024-11-21T07:07:05.983", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "613EE342-B8E6-4E88-B8F5-CCD918F2D704", "versionEndExcluding": "15.7"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B639E246-8791-46E2-BAB9-E9B9E79C0F8D", "versionEndExcluding": "15.7"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBDE00C9-1D0A-454B-8657-53BB09831607", "versionEndExcluding": "11.7", "versionStartIncluding": "11.0.0"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "712A2CD4-6807-496A-8467-BFB138371E51", "versionEndExcluding": "9.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}