5.5

CVE-2024-27884

This issue was addressed with a new entitlement. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, visionOS 1.2, tvOS 17.5, iOS 17.5 and iPadOS 17.5. An app may be able to access user-sensitive data.

Data is provided by the National Vulnerability Database (NVD)
AppleiPhone OS Version < 17.5
AppleiPadOS Version < 17.5
ApplemacOS Version < 14.5
ApplewatchOS Version < 10.5
ApplevisionOS Version < 1.2
AppletvOS Version < 17.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.022
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://support.apple.com/kb/HT214101
Vendor Advisory
Release Notes
https://support.apple.com/kb/HT214106
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214106
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214101
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214102
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214104
Vendor Advisory
Release Notes
https://support.apple.com/kb/HT214102
Vendor Advisory
Release Notes
https://support.apple.com/kb/HT214104
Vendor Advisory
Release Notes
https://support.apple.com/en-us/HT214108
Vendor Advisory
Release Notes
https://support.apple.com/kb/HT214108
Vendor Advisory
Release Notes