Vulnerability Name: | CVE-2022-22598 (CCN-221709) | ||||||||||||
Assigned: | 2022-03-14 | ||||||||||||
Published: | 2022-03-14 | ||||||||||||
Updated: | 2022-03-28 | ||||||||||||
Summary: | An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 15.4 and iPadOS 15.4. An app may be able to learn information about the current camera view before being granted camera access. | ||||||||||||
CVSS v3 Severity: | 3.3 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) 2.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-668 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-22598 Source: XF Type: UNKNOWN apple-ios-cve202222598-info-disc(221709) Source: CCN Type: Apple security document HT213182 About the security content of iOS 15.4 and iPadOS 15.4 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213182 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |