CVE-2024-23292

LOW | Platform: iOS | Changelog

CVE Details

Description

This issue was addressed with improved data protection. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to access information about a user’s contacts.

CVSS 3.1 Score

Metric	Value
Base Score	3.3 (LOW)
Vector	`CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N`

Weakness

CWE-200

References

Apple Security Advisory
NVD Entry
https://support.apple.com/en-us/120895
http://seclists.org/fulldisclosure/2024/Mar/21 (Mailing List)
https://support.apple.com/en-us/HT214081 (Vendor Advisory)
https://support.apple.com/en-us/HT214084 (Vendor Advisory)
https://support.apple.com/kb/HT214081
https://support.apple.com/kb/HT214084