← Back

CVE-2024-44239

nvd nist
Published: Oct 28, 2024Modified: Apr 2, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. An app may be able to leak sensitive kernel state.

Affected (9)

Apple
6 products
Ipados
Iphone Os
Macos
Tvos
Visionos
Watchos
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Ipados
Before 17.7.1
Ipados
Version 18.0
Apple
Iphone Os
Before 17.7.1
Iphone Os
Version 18.0
Apple
Macos
Before 13.7.1
Macos
From 14.0 to 14.7.1
Tvos
Before 18.1
Visionos
Before 2.1
Watchos
Before 11.1

Related CWEs

CWE-532
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (14)

Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.