CVE-2024-23206 Vulnerability Details

  /     /     /  

CVE-2024-23206 Metadata Quick Info

CVE Published: 23/01/2024 | CVE Updated: 01/08/2024 | CVE Year: 2024
Source: apple | Vendor: Apple | Product: iOS and iPadOS
Status : PUBLISHED

---

CVE-2024-23206 Description

An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: A maliciously crafted webpage may be able to fingerprint the user
Source: Apple

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).