CVE-2024-23285

Опубликовано: 08 мар. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 7.8

EPSS Низкий

Описание

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk.

Ссылки

http://seclists.org/fulldisclosure/2024/Mar/21
Mailing List
https://support.apple.com/en-us/HT214084
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Mar/21
Mailing List
https://support.apple.com/en-us/HT214084
Vendor Advisory
https://support.apple.com/kb/HT214084

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 14.0 (включая) до 14.4 (исключая)

EPSS

Процентиль: 17%

0.00055

Низкий

5.5 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-59

CWE-61

Связанные уязвимости

GHSA-c9g9-8p38-4p39

CVSS3: 7.8

github

почти 2 года назад

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk.

EPSS

Процентиль: 17%

0.00055

Низкий

5.5 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-59

CWE-61