6.5
CVE-2024-23241
- EPSS 0.44%
- Veröffentlicht 08.03.2024 02:15:48
- Zuletzt bearbeitet 02.04.2026 19:17:03
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4. An app may be able to leak sensitive user information.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.44% | 0.35 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-922 Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.
http://seclists.org/fulldisclosure/2024/Mar/21
http://seclists.org/fulldisclosure/2024/Mar/25
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214084
https://support.apple.com/kb/HT214086
https://support.apple.com/en-us/HT214081
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/HT214086
https://support.apple.com/en-us/120882
https://support.apple.com/en-us/120893
https://support.apple.com/en-us/120895