CVE-2024-23206

{"id": "CVE-2024-23206", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-01-23T01:15:10.840", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Jan/27", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/33", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/34", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/36", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/39", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Jan/40", "tags": ["Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://www.openwall.com/lists/oss-security/2024/02/05/8", "source": "product-security@apple.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/", "source": "product-security@apple.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214055", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214056", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214059", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214060", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214061", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214063", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214055", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214056", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214059", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214060", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214061", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214063", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de acceso mejorando las restricciones de acceso. Este problema se solucion\u00f3 en watchOS 10.3, tvOS 17.3, iOS 17.3 y iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 y iPadOS 16.7.5, Safari 17.3. Una p\u00e1gina web creada con fines malintencionados puede tomar huellas digitales del usuario."}], "lastModified": "2024-06-12T10:15:29.787", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D6F41D4-58ED-4E0B-90B4-3EDDB7CEA240", "versionEndExcluding": "17.3"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C2307FA-1412-4727-AD29-541A337A9B97", "versionEndExcluding": "16.7.5", "versionStartExcluding": "16.0"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF", "versionEndExcluding": "17.3", "versionStartExcluding": "17.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78404384-8393-4F57-8076-C84BCFD58B1D", "versionEndExcluding": "16.7.5", "versionStartExcluding": "16.0"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79493683-AFEA-42B7-9F15-C3E47069C9CF", "versionEndExcluding": "17.3", "versionStartExcluding": "17.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A4823C4-3812-46DB-8295-D021C93236CC", "versionEndExcluding": "14.3"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "921307BF-8419-42C7-9B2C-8DD643723E38", "versionEndExcluding": "17.3"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F265723B-24BD-4BD9-A45C-6FFD000A7B03", "versionEndExcluding": "10.3"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}