CVE-2024-23297Apple IOS AND Ipados vulnerability

6 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple IOS AND IpadosApple TvosApple Watchos+2 more
Timeline
PublishedMar 8

Description

The issue was addressed with improved checks. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4. A malicious application may be able to access private information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

CVEListV5apple/tvos< 17.4
NVDapple/tvos< 17.4
CVEListV5apple/watchos< 10.4
NVDapple/ipad_os< 17.4
NVDapple/watchos< 10.4

🔴Vulnerability Details

2
GHSA
GHSA-ggwq-65m4-2gf3: The issue was addressed with improved checks2024-03-08
CVEList
CVE-2024-23297: The issue was addressed with improved checks2024-03-08

📋Vendor Advisories

3
Apple
CVE-2024-23297: tvOS 17.42024-03-07
Apple
CVE-2024-23297: watchOS 10.42024-03-07
Apple
CVE-2024-23297: iOS 17.4 and iPadOS 17.42024-03-05
CVE-2024-23297 — Apple IOS AND Ipados vulnerability | cvebase