Уязвимость несанкционированного доступа к вкладкам приватного просмотра в macOS Sonoma, iOS, iPadOS и Safari
Описание
Проблема решена путем улучшенного управления состоянием. Злоумышленник способен получить доступ к вкладкам приватного просмотра без необходимости аутентификации.
Затронутые версии ПО
- macOS Sonoma < 14.6
- iOS < 17.6
- iPadOS < 17.6
- Safari < 17.6
Тип уязвимости
Неавторизованный доступ к данным
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.3 Medium
CVSS3
Дефекты
Связанные уязвимости
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication.
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication.
This issue was addressed through improved state management. This issue ...
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.6, iOS 17.6 and iPadOS 17.6, Safari 17.6. Private Browsing tabs may be accessed without authentication.
EPSS
5.3 Medium
CVSS3