CVE-2024-23242

{"id": "CVE-2024-23242", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-03-08T02:15:48.200", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "tags": ["Mailing List"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214081", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214084", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "tags": ["Mailing List"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214081", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/en-us/HT214084", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/kb/HT214081", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.apple.com/kb/HT214084", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-532"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-532"}]}], "descriptions": [{"lang": "en", "value": "A privacy issue was addressed by not logging contents of text fields. This issue is fixed in macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4. An app may be able to view Mail data."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de privacidad al no registrar el contenido de los campos de texto. Este problema se solucion\u00f3 en macOS Sonoma 14.4, iOS 17.4 y iPadOS 17.4. Es posible que una aplicaci\u00f3n pueda ver los datos de Mail."}], "lastModified": "2025-11-04T19:16:40.637", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE5413B9-A1A8-499F-B047-163908202E69", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB4911E-7824-4C34-916D-88110CB415EB", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099", "versionEndExcluding": "14.4", "versionStartIncluding": "14.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}