CVE-2023-42860

EPSS 0.57%
Veröffentlicht 21.02.2024 07:15:49
Zuletzt bearbeitet 03.12.2024 17:24:43
Quelle product-security@apple.com
Teams Watchlist Login
Unerledigt Login

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to modify protected parts of the file system.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Apple ≫ macOS Version >= 12.0 < 12.7.1

Apple ≫ macOS Version >= 13.0 < 13.6.1

Apple ≫ macOS Version14.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.57%	0.675

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.7	2.5	5.2	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://support.apple.com/en-us/HT213985

Vendor Advisory

https://support.apple.com/en-us/HT213984

Vendor Advisory

https://support.apple.com/en-us/HT213983

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-42860

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-42860

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-42860

EUVD