CVE-2024-23206

An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

12 Jun 2024, 10:15

Type Values Removed Values Added
References
  • () https://support.apple.com/kb/HT214055 -
  • () https://support.apple.com/kb/HT214056 -
  • () https://support.apple.com/kb/HT214059 -

10 Jun 2024, 16:15

Type Values Removed Values Added
References
  • () https://support.apple.com/kb/HT214060 -
  • () https://support.apple.com/kb/HT214061 -
  • () https://support.apple.com/kb/HT214063 -

26 Feb 2024, 18:24

Type Values Removed Values Added
CPE cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

11 Feb 2024, 07:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/ -

09 Feb 2024, 02:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/ -

06 Feb 2024, 02:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/02/05/8 -

26 Jan 2024, 21:17

Type Values Removed Values Added
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CWE NVD-CWE-noinfo
References () http://seclists.org/fulldisclosure/2024/Jan/34 - () http://seclists.org/fulldisclosure/2024/Jan/34 - Third Party Advisory
References () https://support.apple.com/en-us/HT214061 - () https://support.apple.com/en-us/HT214061 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/HT214056 - () https://support.apple.com/en-us/HT214056 - Release Notes, Vendor Advisory
References () http://seclists.org/fulldisclosure/2024/Jan/27 - () http://seclists.org/fulldisclosure/2024/Jan/27 - Third Party Advisory
References () http://seclists.org/fulldisclosure/2024/Jan/36 - () http://seclists.org/fulldisclosure/2024/Jan/36 - Third Party Advisory
References () https://support.apple.com/en-us/HT214059 - () https://support.apple.com/en-us/HT214059 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/HT214063 - () https://support.apple.com/en-us/HT214063 - Release Notes, Vendor Advisory
References () http://seclists.org/fulldisclosure/2024/Jan/33 - () http://seclists.org/fulldisclosure/2024/Jan/33 - Third Party Advisory
References () http://seclists.org/fulldisclosure/2024/Jan/40 - () http://seclists.org/fulldisclosure/2024/Jan/40 - Third Party Advisory
References () https://support.apple.com/en-us/HT214055 - () https://support.apple.com/en-us/HT214055 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/HT214060 - () https://support.apple.com/en-us/HT214060 - Release Notes, Vendor Advisory
References () http://seclists.org/fulldisclosure/2024/Jan/39 - () http://seclists.org/fulldisclosure/2024/Jan/39 - Third Party Advisory
First Time Apple watchos
Apple
Apple iphone Os
Apple tvos
Apple safari
Apple ipados
Apple macos

26 Jan 2024, 18:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Jan/34 -
  • () http://seclists.org/fulldisclosure/2024/Jan/36 -
  • () http://seclists.org/fulldisclosure/2024/Jan/33 -
  • () http://seclists.org/fulldisclosure/2024/Jan/40 -
  • () http://seclists.org/fulldisclosure/2024/Jan/39 -

26 Jan 2024, 16:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Jan/27 -

23 Jan 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-23 01:15

Updated : 2024-06-12 10:15


NVD link : CVE-2024-23206

Mitre link : CVE-2024-23206

CVE.ORG link : CVE-2024-23206


JSON object : View

Products Affected

apple

  • watchos
  • ipados
  • tvos
  • safari
  • iphone_os
  • macos