CVE-2024-23290
MEDIUM | Platform: iPadOS | Changelog
CVE Details
Description
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to access user-sensitive data.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 5.5 (MEDIUM) |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Weakness
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/120881
- https://support.apple.com/en-us/120882
- https://support.apple.com/en-us/120895
- http://seclists.org/fulldisclosure/2024/Mar/21 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Mar/24 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Mar/25 (Mailing List, Third Party Advisory)
- https://support.apple.com/en-us/HT214081 (Vendor Advisory)