{"api_version":"1","generated_at":"2026-04-23T04:11:40+00:00","cve":"CVE-2023-23498","urls":{"html":"https://cve.report/CVE-2023-23498","api":"https://cve.report/api/cve/CVE-2023-23498.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-23498","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-23498"},"summary":{"title":"CVE-2023-23498","description":"A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account.","state":"PUBLIC","assigner":"product-security@apple.com","published_at":"2023-02-27 20:15:00","updated_at":"2023-07-27 04:15:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://support.apple.com/en-us/HT213598","name":"https://support.apple.com/en-us/HT213598","refsource":"MISC","tags":[],"title":"About the security content of iOS 15.7.3 and iPadOS 15.7.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213605","name":"https://support.apple.com/en-us/HT213605","refsource":"MISC","tags":[],"title":"About the security content of macOS Ventura 13.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT213606","name":"https://support.apple.com/en-us/HT213606","refsource":"MISC","tags":[],"title":"About the security content of iOS 16.3 and iPadOS 16.3 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-23498","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-23498","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"23498","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"23498","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"23498","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-23498","qid":"377927","title":"Apple macOS Ventura 13.2 Not Installed (HT213605)"},{"cve":"CVE-2023-23498","qid":"610459","title":"Apple iOS 15.7.3 and iPadOS 15.7.3 Security Update Missing (HT213598)"},{"cve":"CVE-2023-23498","qid":"610460","title":"Apple iOS 16.3 and iPadOS 16.3 Security Update Missing (HT213606)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-23498","ASSIGNER":"product-security@apple.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Apple","product":{"product_data":[{"product_name":"iOS and iPadOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"16.3"}]}},{"product_name":"macOS","version":{"version_data":[{"version_affected":"<","version_name":"unspecified","version_value":"13.2"}]}}]}}]}},"references":{"reference_data":[{"url":"https://support.apple.com/en-us/HT213606","refsource":"MISC","name":"https://support.apple.com/en-us/HT213606"},{"url":"https://support.apple.com/en-us/HT213598","refsource":"MISC","name":"https://support.apple.com/en-us/HT213598"},{"url":"https://support.apple.com/en-us/HT213605","refsource":"MISC","name":"https://support.apple.com/en-us/HT213605"}]}},"nvd":{"publishedDate":"2023-02-27 20:15:00","lastModifiedDate":"2023-07-27 04:15:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":3.3,"baseSeverity":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0","versionEndExcluding":"13.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.3","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}