This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authentication.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/20 | Mailing List |
| http://seclists.org/fulldisclosure/2024/Mar/21 | Mailing List |
| https://support.apple.com/en-us/HT214081 | Vendor Advisory |
| https://support.apple.com/en-us/HT214084 | Vendor Advisory |
| https://support.apple.com/en-us/HT214089 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Oct 2024, 20:35
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-295 |
14 Mar 2024, 19:54
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
| First Time |
Apple
Apple safari Apple ipad Os Apple macos Apple iphone Os |
|
| References | () http://seclists.org/fulldisclosure/2024/Mar/20 - Mailing List | |
| References | () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214084 - Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214089 - Vendor Advisory |
13 Mar 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 Mar 2024, 14:02
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
08 Mar 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-08 02:15
Updated : 2024-10-30 20:35
NVD link : CVE-2024-23273
Mitre link : CVE-2024-23273
CVE.ORG link : CVE-2024-23273
JSON object : View
Products Affected
apple
- ipad_os
- iphone_os
- safari
- macos
CWE