← Voltar para CVEs
CVE-2024-23239
MEDIUM4.7
Descricao
A race condition was addressed with improved state handling. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to leak sensitive user information.
Detalhes CVE
Pontuacao CVSS v3.14.7
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Vetor de ataqueLOCAL
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado3/8/2024
Ultima modificacao11/4/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
apple:ipad_osapple:iphone_osapple:macosapple:tvosapple:watchos
Fraquezas (CWE)
CWE-362CWE-362
Referencias
http://seclists.org/fulldisclosure/2024/Mar/21(product-security@apple.com)
http://seclists.org/fulldisclosure/2024/Mar/24(product-security@apple.com)
http://seclists.org/fulldisclosure/2024/Mar/25(product-security@apple.com)
https://support.apple.com/en-us/HT214081(product-security@apple.com)
https://support.apple.com/en-us/HT214084(product-security@apple.com)
https://support.apple.com/en-us/HT214086(product-security@apple.com)
https://support.apple.com/en-us/HT214088(product-security@apple.com)
http://seclists.org/fulldisclosure/2024/Mar/21(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2024/Mar/24(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2024/Mar/25(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214081(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214084(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214086(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT214088(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214081(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214084(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214086(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT214088(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.