CVE-2024-23295

Опубликовано: 08 мар. 2024

Источник: nvd

CVSS3: 5.5

CVSS3: 6.2

EPSS Низкий

Описание

A permissions issue was addressed to help ensure Personas are always protected This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.

Ссылки

http://seclists.org/fulldisclosure/2024/Mar/26
Mailing List
https://support.apple.com/en-us/HT214087
Vendor Advisory
http://seclists.org/fulldisclosure/2024/Mar/26
Mailing List
https://support.apple.com/en-us/HT214087
Vendor Advisory
https://support.apple.com/kb/HT214087

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*

Версия до 1.1 (исключая)

EPSS

Процентиль: 21%

0.0007

Низкий

5.5 Medium

CVSS3

6.2 Medium

CVSS3

Дефекты

CWE-276

Связанные уязвимости

GHSA-x7v5-rxwv-mpjw

CVSS3: 6.2

github

почти 2 года назад

A permissions issue was addressed to help ensure Personas are always protected This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.

EPSS

Процентиль: 21%

0.0007

Низкий

5.5 Medium

CVSS3

6.2 Medium

CVSS3

Дефекты

CWE-276