Lucene search
HistoryJun 10, 2024 - 8:15 p.m.
CVE-2023-40389
macos ventura
macos monterey
data container access
sensitive user data
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
20.9%
The issue was addressed with improved restriction of data container access. This issue is fixed in macOS Ventura 13.6.5, macOS Monterey 12.7.4. An app may be able to access sensitive user data.
Affected configurations
Node
applemacosRange<12.7.4
ORapplemacosRange13.0–13.6.5
Related
vulnrichment
vulnrichment
CVE-2023-40389
2024-06-10 19:21:22
cve
cve
CVE-2023-40389
2024-06-10 20:15:12
cvelist
cvelist
CVE-2023-40389
2024-06-10 19:21:22
nessus
nessus
macOS 12.x < 12.7.4 Multiple Vulnerabilities (HT214083)
2024-03-07 00:00:00
macOS 13.x < 13.6.5 Multiple Vulnerabilities (HT214085)
2024-03-07 00:00:00
apple
apple
About the security content of macOS Ventura 13.6.5
2024-03-07 00:00:00
About the security content of macOS Monterey 12.7.4
2024-03-07 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
20.9%
Related for NVD:CVE-2023-40389