CVE-2023-40389

2024-06-1019:21:22

apple

www.cve.org

cve-2023-40389

improved access restriction

macos ventura

macos monterey

sensitive data access

0.001 Low

EPSS

Percentile

20.9%

JSON

The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to access sensitive user data.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "12.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "lessThan": "13.6",
        "versionType": "custom"
      }
    ]
  }
]

References

support.apple.com/en-us/HT214083

support.apple.com/en-us/HT214085

0.001 Low

EPSS

Percentile

20.9%

JSON

Related for CVELIST:CVE-2023-40389