← back
CVE-2022-32857

CVE-2022-32857

CVSS 4.3 MEDIUMEPSS 0.2%CWE-319
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 Aug 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A user in a privileged network position can track a user’s activity.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Apple · macOSApple · tvOSApple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.apple.com/en-us/HT213340https://support.apple.com/en-us/HT213342https://support.apple.com/en-us/HT213343https://support.apple.com/en-us/HT213344https://support.apple.com/en-us/HT213345https://support.apple.com/en-us/HT213346