CVE-2023-28203

2023-07-2804:30:44

apple

www.cve.org

cve-2023-28203

apple music

android

contact access

fix

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

The issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "Apple Music for Android",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "4.2",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT213833