CVE-2023-42823

MEDIUM

iPadOS < 16.7.2 - Unprotected User Data Exposure via Logging

Title source: llm

Description

The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.

References (12)

Core 12

Core References

Vendor Advisory

https://support.apple.com/en-us/HT213981

Vendor Advisory

https://support.apple.com/en-us/HT213982

Vendor Advisory

https://support.apple.com/en-us/HT213983

Vendor Advisory

https://support.apple.com/en-us/HT213984

Vendor Advisory

https://support.apple.com/en-us/HT213985

Vendor Advisory

https://support.apple.com/en-us/HT213987

Vendor Advisory

https://support.apple.com/en-us/HT213988

Vendor Advisory

https://support.apple.com/kb/HT213982

Vendor Advisory

https://support.apple.com/kb/HT213983

Vendor Advisory

https://support.apple.com/kb/HT213984

Vendor Advisory

https://support.apple.com/kb/HT213987

Vendor Advisory

https://support.apple.com/kb/HT213988

Scores

CVSS v3 5.5

EPSS 0.0043

EPSS Percentile 33.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-922

Status published

Products (8)

apple/ipados 17.0

apple/ipados < 16.7.2

apple/iphone_os 17.0

apple/iphone_os < 16.7.2

apple/macos 14.0

apple/macos 12.0 - 12.7.1

apple/tvos < 17.1

apple/watchos < 10.1

Published Feb 21, 2024

Tracked Since Feb 18, 2026