CVE-2022-32833

Published: Dec 15, 2022Modified: Apr 21, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history.

Affected (3)

Products: Apple: Iphone Os, Macos, Safari

3 products

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 16.0
Apple Macos	Before 13.0
Apple Safari	Before 16.0

Related CWEs

CWE-922

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (6)

https://support.apple.com/en-us/HT213446

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/kb/HT213442

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/kb/HT213488

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/HT213446

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/kb/HT213442

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/kb/HT213488

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.