3.3

CVE-2024-40791

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access information about a user's contacts.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 17.7
AppleiPhone OS Version < 17.7
ApplemacOS Version < 13.7
ApplemacOS Version >= 14.0 < 14.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.04% 0.119
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://support.apple.com/en-us/121238
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121250
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121234
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121246
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121247
Vendor Advisory
Release Notes