CVE-2023-23505
Published on: Not Yet Published
Last Modified on: 07/27/2023 04:15:00 AM UTC
Certain versions of Ipados from Apple contain the following vulnerability:
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user’s contacts.
- CVE-2023-23505 has been assigned by
product-sec[email protected] to track the vulnerability - currently rated as LOW severity.
- Affected Vendor/Software:
Apple - iOS and iPadOS version < 16.3
- Affected Vendor/Software:
Apple - macOS version < 11.7
- Affected Vendor/Software:
Apple - watchOS version < 9.3
CVSS3 Score: 3.3 - LOW
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | LOW | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
About the security content of macOS Monterey 12.6.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of macOS Big Sur 11.7.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of iOS 15.7.3 and iPadOS 15.7.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of watchOS 9.3 - Apple Support | support.apple.com text/html |
![]() |
About the security content of macOS Ventura 13.2 - Apple Support | support.apple.com text/html |
![]() |
About the security content of iOS 16.3 and iPadOS 16.3 - Apple Support | support.apple.com text/html |
![]() |
Related QID Numbers
- 377926 Apple macOS Big Sur 11.7.3 Not Installed (HT213603)
- 377927 Apple macOS Ventura 13.2 Not Installed (HT213605)
- 377928 Apple macOS Monterey 12.6.3 Not Installed (HT213604)
- 610459 Apple iOS 15.7.3 and iPadOS 15.7.3 Security Update Missing (HT213598)
- 610460 Apple iOS 16.3 and iPadOS 16.3 Security Update Missing (HT213606)
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Apple | Ipados | All | All | All | All |
Operating System | Apple | Iphone Os | All | All | All | All |
Operating System | Apple | Macos | All | All | All | All |
Operating System | Apple | Watchos | All | All | All | All |
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*:
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
スクリーンタイム アプリがユーザーの連絡先に関する情報にアクセスできる可能性があります。 プライバシーに関する問題を解決するためにログエントリーのプライベートデータの編集を改善しました。 CVE-2023-23505 | 2023-01-23 21:34:51 |
![]() |
MS-ISAC CYBERSECURITY ADVISORY - Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution - PATCH: NOW | 2023-01-24 14:14:35 |
![]() |
CVE-2023-23505 | 2023-02-27 21:38:33 |