CVE-2023-23505

CVSS V2 None CVSS V3 None

Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access information about a user’s contacts.

Overview

CVE ID
CVE-2023-23505

Assigner
product-security@apple.com

Vulnerability Status
Analyzed

Published Version
2023-02-27T20:15:13

Last Modified Date
2023-03-08T16:34:55

Weakness Enumerations

CWE	URL
CWE-532	http://cwe.mitre.org/data/definitions/532.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:o:apple:ipados::::::::	1	OR		15.7.3
cpe:2.3:o:apple:ipados::::::::	1	OR	16.0	16.3
cpe:2.3:o:apple:iphone_os::::::::	1	OR		15.7.3
cpe:2.3:o:apple:iphone_os::::::::	1	OR	16.0	16.3
cpe:2.3:o:apple:macos::::::::	1	OR	11.0	11.7.3
cpe:2.3:o:apple:macos::::::::	1	OR	12.0.0	12.6.3
cpe:2.3:o:apple:macos::::::::	1	OR	13.0	13.2
cpe:2.3:o:apple:watchos::::::::	1	OR		9.3

References

Reference URL	Reference Tags
https://support.apple.com/en-us/HT213598	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213599	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213603	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213604	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213605	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213606	Release Notes Vendor Advisory

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-23505
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23505

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 05:38:03				Added to TrackCVE
2023-04-17 05:38:06			Weakness Enumeration	new