A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. A malicious app may be able to observe user data in log entries related to accessibility notifications.
History

Tue, 05 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Apple macos
Apple tvos
Apple watchos
CPEs cpe:2.3:o:apple:ios:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ios
Apple ipados
Apple macos
Apple tvos
Apple watchos
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-03-08T01:35:50.295Z

Updated: 2024-11-05T16:30:08.296Z

Reserved: 2024-01-12T22:22:21.501Z

Link: CVE-2024-23291

cve-icon Vulnrichment

Updated: 2024-08-01T22:59:32.214Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-03-08T02:15:50.210

Modified: 2024-11-21T08:57:25.537

Link: CVE-2024-23291

cve-icon Redhat

No data.