1. Home
  2. CVE Database
  3. CVE-2024-23291
LOW · 3.3

CVE-2024-23291

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A malicious app may be ...

Vulnerability Description

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A malicious app may be able to observe user data in log entries related to accessibility notifications.

CVSS Score

3.3

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
AppleIpados< 17.4
AppleIphone Os< 17.4
AppleMacos>= 14.0, < 14.4
AppleTvos< 17.4
AppleWatchos< 10.4

References

FAQ

What is CVE-2024-23291?

CVE-2024-23291 is a vulnerability with a CVSS score of 3.3 (LOW). A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. A malicious app may be ...

How severe is CVE-2024-23291?

CVE-2024-23291 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-23291?

Check the references section above for vendor advisories and patch information. Affected products include: Apple Ipados, Apple Iphone Os, Apple Macos, Apple Tvos, Apple Watchos.