Lucene search
HistoryMar 28, 2024 - 4:15 p.m.
CVE-2023-40390
privacy issue
sensitive data
protected location
macos sonoma 14.2
user-sensitive data
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sonoma 14.2. An app may be able to access user-sensitive data.
Affected configurations
Node
applemacosRange<14.2
References
Related
vulnrichment
vulnrichment
CVE-2023-40390
2024-03-28 15:39:12
cve
cve
CVE-2023-40390
2024-03-28 16:15:07
cvelist
cvelist
CVE-2023-40390
2024-03-28 15:39:12
nessus
nessus
macOS 14.x < 14.2 Multiple Vulnerabilities (HT214036)
2023-12-11 00:00:00
apple
apple
About the security content of macOS Sonoma 14.2
2023-12-11 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT214036)
2023-12-14 00:00:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.9%
Related for NVD:CVE-2023-40390