CVE-2024-23235

{"id": "CVE-2024-23235", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.2}]}, "published": "2024-03-08T02:15:47.970", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/24", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/25", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/26", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214081", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214082", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214084", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214086", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214087", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214088", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/24", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/25", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/26", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214081", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214082", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214084", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214086", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214087", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214088", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, tvOS 17.4. An app may be able to access user-sensitive data."}, {"lang": "es", "value": "Se abord\u00f3 una condici\u00f3n de ejecuci\u00f3n con validaci\u00f3n adicional. Este problema se solucion\u00f3 en macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 y iPadOS 17.4, watchOS 10.4, iOS 16.7.6 y iPadOS 16.7.6, tvOS 17.4. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."}], "lastModified": "2024-11-21T08:57:15.643", "sourceIdentifier": "product-security@apple.com"}