Lucene search

[email protected]NVD:CVE-2024-27807

HistoryJun 10, 2024 - 9:15 p.m.

CVE-2024-27807

2024-06-1021:15:50

[email protected]

web.nvd.nist.gov

cve-2024-27807

improved checks

ios 17.5

ipados 17.5

ios 16.7.8

ipados 16.7.8

app privacy report logging

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

20.6%

JSON

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An app may be able to circumvent App Privacy Report logging.

Affected configurations

Nvd

Node

appleipadosRange<16.7.8

appleipadosRange17.0–17.5

appleiphone_osRange<16.7.8

appleiphone_osRange17.0–17.5

VendorProductVersionCPE
appleipados*cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	ipados	*	cpe:2.3:o:apple:ipados::::::::
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::

References

support.apple.com/en-us/HT214100

support.apple.com/en-us/HT214101

support.apple.com/kb/HT214100

support.apple.com/kb/HT214101

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

20.6%

JSON

Related for NVD:CVE-2024-27807

cvelist1 vulnrichment1 cve1 apple2