Lucene search
HistoryMar 28, 2024 - 4:15 p.m.
CVE-2023-40390
privacy issue
sensitive data
protected location
macos sonoma 14.2
user-sensitive data
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.7%
A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.
Affected configurations
Node
applemacosRange<14.2
References
Related
vulnrichment
vulnrichment
CVE-2023-40390
2024-03-28 15:39:12
cvelist
cvelist
CVE-2023-40390
2024-03-28 15:39:12
cve
cve
CVE-2023-40390
2024-03-28 16:15:07
apple
apple
About the security content of macOS Sonoma 14.2
2023-12-11 00:00:00
nessus
nessus
macOS 14.x < 14.2 Multiple Vulnerabilities (HT214036)
2023-12-11 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT214036)
2023-12-14 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.7%
Related for NVD:CVE-2023-40390