CVE-2024-54542

{"id": "CVE-2024-54542", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2025-01-27T22:15:14.217", "references": [{"url": "https://support.apple.com/en-us/121837", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/121839", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/121843", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/121846", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "An authentication issue was addressed with improved state management. This issue is fixed in Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 and iPadOS 18.2. Private Browsing tabs may be accessed without authentication."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con con una mejor gesti\u00f3n del estado. Este problema se solucion\u00f3 en Safari 18.2, macOS Sequoia 15.2, watchOS 11.2, iOS 18.2 y iPadOS 18.2. Se puede acceder a las pesta\u00f1as de Navegaci\u00f3n privada sin autenticaci\u00f3n."}], "lastModified": "2025-03-24T14:53:26.340", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12581F66-E5CF-4B04-A94C-E56DE31D0B62", "versionEndExcluding": "18.2"}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61B67D76-E2DA-46D7-9E43-4E18D542AA57", "versionEndExcluding": "18.2"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02BF92BD-305C-46CA-8A77-C247AF8B1BC0", "versionEndExcluding": "18.2"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3750AD63-B023-44CE-B44D-A90F98E3A8C0", "versionEndExcluding": "15.2"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C446885-2BC5-454D-88A1-146B17C051C3", "versionEndExcluding": "11.2"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}