nvd-json-data-feeds/CVE-2022/CVE-2022-267xx/CVE-2022-26712.json

{
  "id": "CVE-2022-26712",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2022-05-26T19:15:08.320",
  "lastModified": "2022-06-07T15:50:17.050",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system."
    },
    {
      "lang": "es",
      "value": "Este problema se abord\u00f3 eliminando el c\u00f3digo vulnerable. Este problema es corregido en macOS Monterey versi\u00f3n 12.4, macOS Big Sur versi\u00f3n 11.6.6. Una aplicaci\u00f3n maliciosa puede ser capaz de modificar partes protegidas del sistema de archivos"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "11.0",
              "versionEndExcluding": "11.6.6",
              "matchCriteriaId": "09A6345C-D813-43BA-B12E-789C80653F86"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "12.0.0",
              "versionEndExcluding": "12.4",
              "matchCriteriaId": "56A8A170-44A7-4334-88B0-CB4413E28E53"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.apple.com/en-us/HT213256",
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT213257",
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ]
    }
  ]
}