CVE-2024-23251

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An attacker with physical access may be able to leak Mail account credentials.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

03 Jul 2024, 01:47

Type Values Removed Values Added
CWE CWE-287

27 Jun 2024, 14:53

Type Values Removed Values Added
References () https://support.apple.com/en-us/HT214100 - () https://support.apple.com/en-us/HT214100 - Vendor Advisory
References () https://support.apple.com/en-us/HT214101 - () https://support.apple.com/en-us/HT214101 - Vendor Advisory
References () https://support.apple.com/en-us/HT214104 - () https://support.apple.com/en-us/HT214104 - Vendor Advisory
References () https://support.apple.com/en-us/HT214106 - () https://support.apple.com/en-us/HT214106 - Vendor Advisory
References () https://support.apple.com/kb/HT214100 - () https://support.apple.com/kb/HT214100 - Vendor Advisory
References () https://support.apple.com/kb/HT214101 - () https://support.apple.com/kb/HT214101 - Vendor Advisory
References () https://support.apple.com/kb/HT214104 - () https://support.apple.com/kb/HT214104 - Vendor Advisory
References () https://support.apple.com/kb/HT214106 - () https://support.apple.com/kb/HT214106 - Vendor Advisory
First Time Apple macos
Apple iphone Os
Apple watchos
Apple
Apple ipados
CPE cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.6
CWE NVD-CWE-noinfo

11 Jun 2024, 13:54

Type Values Removed Values Added
Summary
  • (es) Se solucionó un problema de autenticación con una gestión de estado mejorada. Este problema se solucionó en macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 y iPadOS 17.5, iOS 16.7.8 y iPadOS 16.7.8. Un atacante con acceso físico puede filtrar las credenciales de la cuenta de correo.

11 Jun 2024, 08:15

Type Values Removed Values Added
References
  • () https://support.apple.com/kb/HT214100 -
  • () https://support.apple.com/kb/HT214101 -
  • () https://support.apple.com/kb/HT214104 -
  • () https://support.apple.com/kb/HT214106 -

10 Jun 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-10 21:15

Updated : 2024-07-03 01:47


NVD link : CVE-2024-23251

Mitre link : CVE-2024-23251

CVE.ORG link : CVE-2024-23251


JSON object : View

Products Affected

apple

  • iphone_os
  • ipados
  • macos
  • watchos
CWE
NVD-CWE-noinfo CWE-287

Improper Authentication