| Vulnerability Name: | CVE-2022-42796 (CCN-238820) | ||||||||||||
| Assigned: | 2022-10-24 | ||||||||||||
| Published: | 2022-10-24 | ||||||||||||
| Updated: | 2022-11-03 | ||||||||||||
| Summary: | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges. | ||||||||||||
| CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||||||
| Vulnerability Consequences: | Gain Privilege | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-42796 Source: XF Type: UNKNOWN apple-ventura-cve202242796-priv-esc(238820) Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213445 Source: CCN Type: Apple security document HT213488 About the security content of macOS Ventura 13 Source: MISC Type: Release Notes, Vendor Advisory https://support.apple.com/en-us/HT213488 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||