admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-282xx/CVE-2023-28206.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

149 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-28206",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.273",
"lastModified": "2024-06-27T19:29:39.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"cisaExploitAdd": "2023-04-10",
"cisaActionDue": "2023-05-01",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.5",
"matchCriteriaId": "968ADFDD-5716-4F75-BCA2-DD8486ED9618"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4.1",
"matchCriteriaId": "8C1711DE-4691-42B7-8661-51B11C3E5B98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.5",
"matchCriteriaId": "CE26F1A4-8813-40E4-B939-AFC1F75953CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4.1",
"matchCriteriaId": "96B6C1F1-6F18-43F9-83B6-58A214525B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.6",
"matchCriteriaId": "2C9DAA85-84DE-4D42-A116-7630E0FDAEF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.5",
"matchCriteriaId": "8FE7C6AA-7557-4383-886E-4613FA0422F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3.1",
"matchCriteriaId": "A28AA212-0560-4E94-9610-51B595DE736C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213720",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213721",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213723",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213724",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://support.apple.com/en-us/HT213725",
"source": "product-security@apple.com",
"tags": [
"Release Notes"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink