CVE-2023-40435

This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
VendorProductVersion
applexcode
𝑥
< 15.0
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939
http://seclists.org/fulldisclosure/2023/Oct/7
https://support.apple.com/en-us/HT213939