CVE-2023-42843

CVSS 7.5 HIGHEPSS 0.9%CWE-290

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.5EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

21 feb 2024Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Productos afectados

Apple · iOS and iPadOS Apple · macOS Apple · Safari

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IXLXIOAH5S7J22LJTCIAVFVVJ4TESAX4/https://support.apple.com/en-us/HT213981 https://support.apple.com/en-us/HT213982 https://support.apple.com/en-us/HT213984 https://support.apple.com/en-us/HT213986 http://www.openwall.com/lists/oss-security/2024/03/26/1