{"api_version":"1","generated_at":"2026-04-08T23:00:57+00:00","cve":"CVE-2024-23211","urls":{"html":"https://cve.report/CVE-2024-23211","api":"https://cve.report/api/cve/CVE-2024-23211.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2024-23211","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2024-23211"},"summary":{"title":"CVE-2024-23211","description":"A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.","state":"PUBLISHED","assigner":"apple","published_at":"2024-01-23 01:15:11","updated_at":"2026-04-02 19:16:55"},"problem_types":["NVD-CWE-noinfo","CWE-359","A user's private browsing activity may be visible in Settings","CWE-359 CWE-359 Exposure of Private Personal Information to an Unauthorized Actor"],"metrics":[{"version":"3.1","source":"nvd@nist.gov","type":"Primary","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"ADP","type":"DECLARED","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.3,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"}},{"version":"3.1","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","score":"3.3","severity":"LOW","vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://seclists.org/fulldisclosure/2024/Jan/27","name":"http://seclists.org/fulldisclosure/2024/Jan/27","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/39","name":"http://seclists.org/fulldisclosure/2024/Jan/39","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Full Disclosure: APPLE-SA-01-22-2024-8 watchOS 10.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/34","name":"http://seclists.org/fulldisclosure/2024/Jan/34","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/120306","name":"https://support.apple.com/en-us/120306","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120310","name":"https://support.apple.com/en-us/120310","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120304","name":"https://support.apple.com/en-us/120304","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/120309","name":"https://support.apple.com/en-us/120309","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214056","name":"https://support.apple.com/en-us/HT214056","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/33","name":"http://seclists.org/fulldisclosure/2024/Jan/33","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT214061","name":"https://support.apple.com/kb/HT214061","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/kb/HT214056","name":"https://support.apple.com/kb/HT214056","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214063","name":"https://support.apple.com/en-us/HT214063","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT214063","name":"https://support.apple.com/kb/HT214063","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214061","name":"https://support.apple.com/en-us/HT214061","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/36","name":"http://seclists.org/fulldisclosure/2024/Jan/36","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Full Disclosure: APPLE-SA-01-22-2024-5 macOS Sonoma 14.3","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/120339","name":"https://support.apple.com/en-us/120339","refsource":"product-security@apple.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://support.apple.com/en-us/HT214060","name":"https://support.apple.com/en-us/HT214060","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/en-us/HT214059","name":"https://support.apple.com/en-us/HT214059","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2024-23211","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23211","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Apple","product":"Safari","version":"affected 17.3 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"iOS and iPadOS","version":"affected 16.7.5 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"iOS and iPadOS","version":"affected 17.3 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"macOS","version":"affected 14.3 custom","platforms":[]},{"source":"CNA","vendor":"Apple","product":"watchOS","version":"affected 10.3 custom","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2024","cve_id":"23211","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2024","cve_id":"23211","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apple","cpe5":"safari","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2024-23211","qid":"379297","title":"Apple Safari Multiple Vulnerabilities (HT214056)"},{"cve":"CVE-2024-23211","qid":"379299","title":"Apple macOS Sonoma 14.3 Not Installed (HT214061)"},{"cve":"CVE-2024-23211","qid":"610538","title":"Apple iOS 17.3 and iPadOS 17.3 Security Update Missing (HT214059)"},{"cve":"CVE-2024-23211","qid":"610539","title":"Apple iOS 16.7.5 and iPadOS 16.7.5 Security Update Missing (HT214063)"}]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2025-11-04T18:24:08.297Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214059"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214063"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214056"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214060"},{"tags":["x_transferred"],"url":"https://support.apple.com/en-us/HT214061"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jan/27"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jan/33"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jan/36"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jan/34"},{"tags":["x_transferred"],"url":"http://seclists.org/fulldisclosure/2024/Jan/39"},{"url":"https://support.apple.com/kb/HT214063"},{"url":"https://support.apple.com/kb/HT214061"},{"url":"https://support.apple.com/kb/HT214056"}],"title":"CVE Program Container"},{"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.3,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","version":"3.1"}},{"other":{"content":{"id":"CVE-2024-23211","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2024-01-23T13:23:02.240179Z","version":"2.0.3"},"type":"ssvc"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-359","description":"CWE-359 Exposure of Private Personal Information to an Unauthorized Actor","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2025-06-20T19:12:28.382Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"Safari","vendor":"Apple","versions":[{"lessThan":"17.3","status":"affected","version":"0","versionType":"custom"}]},{"product":"iOS and iPadOS","vendor":"Apple","versions":[{"lessThan":"16.7.5","status":"affected","version":"0","versionType":"custom"},{"lessThan":"17.3","status":"affected","version":"0","versionType":"custom"}]},{"product":"macOS","vendor":"Apple","versions":[{"lessThan":"14.3","status":"affected","version":"0","versionType":"custom"}]},{"product":"watchOS","vendor":"Apple","versions":[{"lessThan":"10.3","status":"affected","version":"0","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings."}],"problemTypes":[{"descriptions":[{"description":"A user's private browsing activity may be visible in Settings","lang":"en"}]}],"providerMetadata":{"dateUpdated":"2026-04-02T18:13:24.882Z","orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple"},"references":[{"url":"https://support.apple.com/en-us/120304"},{"url":"https://support.apple.com/en-us/120306"},{"url":"https://support.apple.com/en-us/120309"},{"url":"https://support.apple.com/en-us/120310"},{"url":"https://support.apple.com/en-us/120339"}]}},"cveMetadata":{"assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","cveId":"CVE-2024-23211","datePublished":"2024-01-23T00:25:20.675Z","dateReserved":"2024-01-12T22:22:21.476Z","dateUpdated":"2026-04-02T18:13:24.882Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2024-01-23 01:15:11","lastModifiedDate":"2026-04-02 19:16:55","problem_types":["NVD-CWE-noinfo","CWE-359","A user's private browsing activity may be visible in Settings","CWE-359 CWE-359 Exposure of Private Personal Information to an Unauthorized Actor"],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*","versionEndExcluding":"17.3","matchCriteriaId":"3D6F41D4-58ED-4E0B-90B4-3EDDB7CEA240"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartExcluding":"16.0","versionEndExcluding":"16.7.5","matchCriteriaId":"8C2307FA-1412-4727-AD29-541A337A9B97"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionStartExcluding":"17.0","versionEndExcluding":"17.3","matchCriteriaId":"EF93182E-EFE2-4DAF-BAA2-5053A20ADCFF"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartExcluding":"16.0","versionEndExcluding":"16.7.5","matchCriteriaId":"78404384-8393-4F57-8076-C84BCFD58B1D"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionStartExcluding":"17.0","versionEndExcluding":"17.3","matchCriteriaId":"79493683-AFEA-42B7-9F15-C3E47069C9CF"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.3","matchCriteriaId":"79ADFEBE-99EE-4F01-9AE8-489EB41885D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"10.3","matchCriteriaId":"F265723B-24BD-4BD9-A45C-6FFD000A7B03"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2024","CveId":"23211","Ordinal":"1","Title":"CVE-2024-23211","CVE":"CVE-2024-23211","Year":"2024"},"notes":[{"CveYear":"2024","CveId":"23211","Ordinal":"1","NoteData":"A privacy issue was addressed with improved handling of user preferences. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, watchOS 10.3. A user's private browsing activity may be visible in Settings.","Type":"Description","Title":"CVE-2024-23211"}]}}}