CVE-2019-8730 — Sensitive Information Exposure in Apple Macos

CWE-200 — Sensitive Information Exposure CWE-459 — Incomplete Cleanup4 documents3 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 71.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple MAC OS X Apple IOS +1 more

Timeline

PublishedDec 18

Latest updateMay 24

Description

The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. This issue is fixed in macOS Catalina 10.15. A local user may be able to view a user’s locked notes.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages4 packages

▶Appleapple/macos_catalina10.15

▶CVEListV5apple/macosunspecified — macOS Catalina 10.15

▶NVDapple/mac_os_x< 10.15

▶Appleapple/ios13

🔴Vulnerability Details

GHSA

GHSA-hgxw-f9p9-f75r: The contents of locked notes sometimes appeared in search results↗2022-05-24

▶

📋Vendor Advisories

Apple

CVE-2019-8730: macOS Catalina 10.15↗2019-10-07

▶

Apple

CVE-2019-8730: iOS 13↗2019-09-19

▶