CVE-2024-23243

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app may be able to read sensitive location information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
appleCNA
---
---
CVEADP
---
---
CISA-ADPADP
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
appleipad_os
𝑥
< 17.4
appleiphone_os
𝑥
< 17.4
𝑥
= Vulnerable software versions
References
http://seclists.org/fulldisclosure/2024/Mar/18
https://support.apple.com/en-us/HT214081
http://seclists.org/fulldisclosure/2024/Mar/18
https://support.apple.com/en-us/HT214081