5.5
CVE-2024-23267
- EPSS 0.23%
- Veröffentlicht 08.03.2024 02:15:49
- Zuletzt bearbeitet 02.04.2026 19:17:09
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to bypass certain Privacy preferences.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.133 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
http://seclists.org/fulldisclosure/2024/Mar/21
https://support.apple.com/kb/HT214084
http://seclists.org/fulldisclosure/2024/Mar/22
https://support.apple.com/kb/HT214085
http://seclists.org/fulldisclosure/2024/Mar/23
https://support.apple.com/kb/HT214083
https://support.apple.com/en-us/HT214083
https://support.apple.com/en-us/HT214085
https://support.apple.com/en-us/HT214084
https://support.apple.com/en-us/120895
https://support.apple.com/en-us/120886
https://support.apple.com/en-us/120884