← Back

CVE-2023-42839

nvd nist
Published: Feb 21, 2024Modified: Nov 4, 2025

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.

Affected (5)

Apple
5 products
Ipad Os
Iphone Os
Macos
Tvos
Watchos
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Ipad Os
Before 17.1
Iphone Os
Before 17.1
Macos
Version 14.0
Tvos
Before 17.1
Watchos
Before 10.1

Related CWEs

CWE-922
Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (11)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.