CVE-2024-23206

Published: Jan 23, 2024Modified: Apr 2, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

An access issue was addressed with improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. A maliciously crafted webpage may be able to fingerprint the user.

Affected (8)

Products: Apple: Ipados, Iphone Os, Macos, Safari, Tvos, Watchos

6 products

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	After 16.0 to 16.7.5
Apple Ipados	After 17.0 to 17.3
Apple Iphone Os	After 16.0 to 16.7.5
Apple Iphone Os	After 17.0 to 17.3
Apple Macos	Before 14.3
Apple Safari	Before 17.3
Apple Tvos	Before 17.3
Apple Watchos	Before 10.3

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (27)

https://support.apple.com/en-us/120304

Source: product-security@apple.com

https://support.apple.com/en-us/120306

Source: product-security@apple.com

https://support.apple.com/en-us/120309

Source: product-security@apple.com

https://support.apple.com/en-us/120310

Source: product-security@apple.com

https://support.apple.com/en-us/120311

Source: product-security@apple.com

https://support.apple.com/en-us/120339

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2024/Jan/27

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2024/Jan/33

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2024/Jan/34

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2024/Jan/36

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2024/Jan/39

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://seclists.org/fulldisclosure/2024/Jan/40

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2024/02/05/8

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/en-us/HT214055

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214056

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214059

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214060

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214061

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/en-us/HT214063

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://support.apple.com/kb/HT214055

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214056

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214059

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214060

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214061

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT214063

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.