admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-407xx/CVE-2024-40774.json
cad-safe-bot 9623dbd837 Auto-Update: 2024-08-20T16:00:18.583404+00:00
2024-08-20 16:03:15 +00:00

248 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-40774",
"sourceIdentifier": "product-security@apple.com",
"published": "2024-07-29T23:15:11.250",
"lastModified": "2024-08-20T15:16:40.210",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. An app may be able to bypass Privacy preferences."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de degradaci\u00f3n con restricciones adicionales de firma de c\u00f3digo. Este problema se solucion\u00f3 en macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 y iPadOS 17.6, watchOS 10.6, tvOS 17.6, macOS Sonoma 14.6. Es posible que una aplicaci\u00f3n pueda omitir las preferencias de privacidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7.6",
"matchCriteriaId": "3556C7C3-14B6-4846-B3E8-FE07A503155F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6.8",
"matchCriteriaId": "7008225C-B5B9-4F87-9392-DD2080717E9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.6",
"matchCriteriaId": "51E2E93B-C5A3-4C83-B806-2EC555AD45FE"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "1E393815-B3B5-4FF9-9D1D-AA3EA9C5D352"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "A8A1B228-89B1-470E-9B6E-8553E561E062"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6",
"matchCriteriaId": "035D8460-BD6F-4696-9D7B-BA571A994FD0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.6",
"matchCriteriaId": "9FB1D28B-EF0E-4CA0-90F7-073A85D001E5"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/16",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/18",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/19",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/20",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/21",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jul/22",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214117",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214118",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214119",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214120",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214122",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT214124",
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink