{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-42854", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2023-09-14T19:05:11.451Z", "datePublished": "2023-10-25T18:32:00.528Z", "dateUpdated": "2025-02-13T17:12:47.389Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause a denial-of-service to Endpoint Security clients"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "14.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "13.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "unspecified", "status": "affected", "lessThan": "12.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients."}], "references": [{"url": "https://support.apple.com/en-us/HT213984"}, {"url": "https://support.apple.com/en-us/HT213985"}, {"url": "https://support.apple.com/en-us/HT213983"}, {"url": "https://support.apple.com/kb/HT213984"}, {"url": "https://support.apple.com/kb/HT213985"}, {"url": "https://support.apple.com/kb/HT213983"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/21"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/26"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2023-10-25T19:09:15.050Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:30:24.957Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213984", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213985", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213983", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213984", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213985", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213983", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/24", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/26", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-10T15:18:44.753971Z", "id": "CVE-2023-42854", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:18:55.887Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213984", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213985", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213983", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213984", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213985", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/kb/HT213983", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/21", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/24", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/26", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:30:24.957Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-42854", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:18:44.753971Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T15:18:50.298Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "14.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "13.6", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "12.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT213984"}, {"url": "https://support.apple.com/en-us/HT213985"}, {"url": "https://support.apple.com/en-us/HT213983"}, {"url": "https://support.apple.com/kb/HT213984"}, {"url": "https://support.apple.com/kb/HT213985"}, {"url": "https://support.apple.com/kb/HT213983"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/21"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"url": "http://seclists.org/fulldisclosure/2023/Oct/26"}], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to cause a denial-of-service to Endpoint Security clients"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2023-10-25T19:09:15.050Z"}}}, "cveMetadata": {"cveId": "CVE-2023-42854", "state": "PUBLISHED", "dateUpdated": "2025-02-13T17:12:47.389Z", "dateReserved": "2023-09-14T19:05:11.451Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2023-10-25T18:32:00.528Z", "assignerShortName": "apple"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA796DD3-80AF-4E65-8080-EC309577F00D", "versionEndExcluding": "12.7.1", "versionStartIncluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "85B6F336-AA76-4706-AD68-BCDFFB48358B", "versionEndExcluding": "13.6.1", "versionStartIncluding": "13.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9F52915-10F1-4514-B839-F6DC74B53555", "versionEndExcluding": "14.1", "versionStartIncluding": "14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to cause a denial-of-service to Endpoint Security clients."}, {"lang": "es", "value": "Este problema se solucion\u00f3 eliminando el c\u00f3digo vulnerable. Este problema se solucion\u00f3 en macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. Es posible que una aplicaci\u00f3n pueda provocar una denegaci\u00f3n de servicio a los clientes de Endpoint Security."}], "id": "CVE-2023-42854", "lastModified": "2024-11-21T08:23:22.260", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-25T19:15:10.890", "references": [{"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/21"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"source": "product-security@apple.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/26"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213983"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213984"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213985"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213983"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213984"}, {"source": "product-security@apple.com", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213985"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/21"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Oct/26"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213983"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213985"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213983"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://support.apple.com/kb/HT213985"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}