5.5
CVE-2024-27789
- EPSS 0.62%
- Veröffentlicht 14.05.2024 15:13:01
- Zuletzt bearbeitet 02.04.2026 19:17:17
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Sonoma 14.4, macOS Ventura 13.6.7. An app may be able to access user-sensitive data.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.451 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-922 Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.
https://support.apple.com/kb/HT214084
http://seclists.org/fulldisclosure/2024/May/13
https://support.apple.com/kb/HT214107
http://seclists.org/fulldisclosure/2024/May/11
https://support.apple.com/kb/HT214100
https://support.apple.com/en-us/HT214084
http://seclists.org/fulldisclosure/2024/May/14
https://support.apple.com/en-us/HT214105
https://support.apple.com/kb/HT214105
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214107
https://support.apple.com/en-us/120898
https://support.apple.com/en-us/120899
https://support.apple.com/en-us/120900
https://support.apple.com/en-us/120895