CVE-2024-27789

{"id": "CVE-2024-27789", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-05-14T15:13:01.493", "references": [{"url": "http://seclists.org/fulldisclosure/2024/May/11", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/May/13", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/May/14", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214084", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214100", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214105", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214107", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214084", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214100", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214105", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214107", "source": "product-security@apple.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-922"}]}], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, macOS Sonoma 14.4. An app may be able to access user-sensitive data."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en iOS 16.7.8 y iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, macOS Sonoma 14.4. Es posible que una aplicaci\u00f3n pueda acceder a datos confidenciales del usuario."}], "lastModified": "2024-11-15T22:35:08.453", "sourceIdentifier": "product-security@apple.com"}