CVE-2023-28182

CVSS V2 None CVSS V3 None

Description

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device

Overview

CVE ID
CVE-2023-28182

Assigner
product-security@apple.com

Vulnerability Status
Received

Published Version
2023-05-08T20:15:19

Last Modified Date
2023-05-08T20:15:19

References

Reference URL	Reference Tags
https://support.apple.com/en-us/HT213670
https://support.apple.com/en-us/HT213673
https://support.apple.com/en-us/HT213675
https://support.apple.com/en-us/HT213676
https://support.apple.com/en-us/HT213677

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-28182
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28182

History

Created	Old Value	New Value	Data Type	Notes
2023-05-08 21:05:34				Added to TrackCVE