← Back

CVE-2023-42973

nvd nist
Published: Apr 11, 2025Modified: Apr 21, 2025

JSON object

Loading...
4.0
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 2.5 / Impact: 1.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Private Browsing tabs may be accessed without authentication. This issue is fixed in iOS 17 and iPadOS 17. The issue was addressed with improved UI.

Affected (2)

Products: Apple: Ipados, Iphone Os
Apple
2 products
Ipados
Iphone Os
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Version 17.0
Iphone Os
Version 17.0

Related CWEs

CWE-285
Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

References (1)

Source: product-security@apple.com
Release NotesVendor Advisory

Timeline

No history available yet.