CVE-2024-23261

Sažetak

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.

Reference

http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214118
https://support.apple.com/en-us/HT214120
https://support.apple.com/kb/HT214084
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214118
https://support.apple.com/en-us/HT214120
https://support.apple.com/kb/HT214084

CVSS

Base:	7.5
Impact:	3.6
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

13-03-2025 - 16:15

Objavljeno

29-07-2024 - 23:15