← volver
CVE-2023-42844

CVE-2023-42844

EPSS 1.5%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
25 oct 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks.
Productos afectados
Apple · macOS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2023/Oct/21http://seclists.org/fulldisclosure/2023/Oct/24http://seclists.org/fulldisclosure/2023/Oct/26https://support.apple.com/en-us/HT213983https://support.apple.com/en-us/HT213984https://support.apple.com/en-us/HT213985https://support.apple.com/kb/HT213983https://support.apple.com/kb/HT213984https://support.apple.com/kb/HT213985