PT-2023-6033 · Apple · Safari+5
Adriatik Raci
·
Publicado
2023-09-26
·
Atualizado
2024-10-29
·
CVE-2023-35990
CVSS v3.1
3.3
Baixa
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
iOS versions prior to 17
iPadOS versions prior to 17
watchOS versions prior to 10
iOS versions prior to 16.7
iPadOS versions prior to 16.7
macOS Sonoma versions prior to 14
Description
The issue allows an app to identify what other apps a user has installed. This is due to a lack of protection for service data in the Safari browser of watchOS, iPadOS, macOS, and iOS operating systems. The issue was addressed with improved checks.
Recommendations
For iOS versions prior to 17, update to iOS 17 or later.
For iPadOS versions prior to 17, update to iPadOS 17 or later.
For watchOS versions prior to 10, update to watchOS 10 or later.
For iOS versions prior to 16.7, update to iOS 16.7 or later.
For iPadOS versions prior to 16.7, update to iPadOS 16.7 or later.
For macOS Sonoma versions prior to 14, update to macOS Sonoma 14 or later.
Correção
Incorrect Authorization
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Apple Macos
Safari
Ios
Ipados
Macos Sonoma
Watchos