Lucene search

[email protected]NVD:CVE-2023-28191

HistoryJun 23, 2023 - 6:15 p.m.

CVE-2023-28191

2023-06-2318:15:11

[email protected]

web.nvd.nist.gov

cve-2023-28191

privacy bypass

security update

watchos

tvos

macos ventura

macos big sur

macos monterey

ios

ipados

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

35.8%

JSON

This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6, iOS 16.5 and iPadOS 16.5. An app may be able to bypass Privacy preferences.

Affected configurations

Nvd

Node

appleipadosRange<16.5

appleiphone_osRange<16.5

applemacosRange11.0.0–11.7.7

applemacosRange12.0.0–12.6.6

applemacosRange13.0–13.4

appletvosRange<16.5

applewatchosRange<9.5

VendorProductVersionCPE
appleipados*cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
applemacos*cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
appletvos*cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
applewatchos*cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	ipados	*	cpe:2.3:o:apple:ipados::::::::
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::
apple	macos	*	cpe:2.3:o:apple:macos::::::::
apple	tvos	*	cpe:2.3:o:apple:tvos::::::::
apple	watchos	*	cpe:2.3:o:apple:watchos::::::::