Lucene search
AppleCVE-2023-42900HistoryDec 12, 2023 - 1:15 a.m.
CVE-2023-42900
2023-12-1201:15:11
apple
web.nvd.nist.gov
29
cve-2023-42900
macos
sonoma
security
unauthorized access
user-sensitive data
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
20.7%
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.
Affected configurations
Node
applemacosRange14.0–14.2
CNA Affected
[
{
"vendor": "Apple",
"product": "macOS",
"versions": [
{
"version": "unspecified",
"status": "affected",
"lessThan": "14.2",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-42900
2023-12-12 00:27:27
prion
prion
Design/Logic Flaw
2023-12-12 01:15:00
nvd
nvd
CVE-2023-42900
2023-12-12 01:15:11
openvas
openvas
Apple Mac OS X Security Update (HT214036)
2023-12-14 00:00:00
nessus
nessus
macOS 14.x < 14.2 Multiple Vulnerabilities (HT214036)
2023-12-11 00:00:00
apple
apple
About the security content of macOS Sonoma 14.2
2023-12-11 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
5
Confidence
High
EPSS
0.001
Percentile
20.7%
Related for CVE-2023-42900