CVE-2023-40455

{"id": "CVE-2023-40455", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 10.0, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.9}]}, "published": "2023-09-27T15:19:18.590", "references": [{"url": "http://seclists.org/fulldisclosure/2023/Oct/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT213940", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT213940", "tags": ["Release Notes", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de permisos con restricciones adicionales. Este problema se solucion\u00f3 en macOS Sonoma 14. Un proceso en la zona protegida puede ser capaz de omitir las restricciones de la sandbox."}], "lastModified": "2024-11-21T08:19:30.260", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605", "versionEndExcluding": "14.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}