ID

VAR-202205-1354


CVE

CVE-2022-26725


TITLE

macOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-011161

DESCRIPTION

A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector. macOS Exists in unspecified vulnerabilities.Information may be obtained

Trust: 1.8

sources: NVD: CVE-2022-26725 // JVNDB: JVNDB-2022-011161 // VULHUB: VHN-417394 // VULMON: CVE-2022-26725

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.4

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:12.0 that's all 12.4

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-011161 // NVD: CVE-2022-26725

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26725
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-26725
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202205-3382
value: MEDIUM

Trust: 0.6

VULHUB: VHN-417394
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-26725
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-417394
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-26725
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2022-26725
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-417394 // JVNDB: JVNDB-2022-011161 // CNNVD: CNNVD-202205-3382 // NVD: CVE-2022-26725

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-011161 // NVD: CVE-2022-26725

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202205-3382

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202205-3382

PATCH

title:HT213257 Apple  Security updateurl:https://support.apple.com/en-us/HT213257

Trust: 0.8

title:Apple macOS Monterey Repair measures for information disclosure vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=195188

Trust: 0.6

title:Apple: macOS Monterey 12.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=73857ee26a600b1527481f1deacc0619

Trust: 0.1

sources: VULMON: CVE-2022-26725 // JVNDB: JVNDB-2022-011161 // CNNVD: CNNVD-202205-3382

EXTERNAL IDS

db:NVDid:CVE-2022-26725

Trust: 3.4

db:JVNDBid:JVNDB-2022-011161

Trust: 0.8

db:AUSCERTid:ESB-2022.2413

Trust: 0.6

db:CS-HELPid:SB2022051701

Trust: 0.6

db:CNNVDid:CNNVD-202205-3382

Trust: 0.6

db:VULHUBid:VHN-417394

Trust: 0.1

db:VULMONid:CVE-2022-26725

Trust: 0.1

sources: VULHUB: VHN-417394 // VULMON: CVE-2022-26725 // JVNDB: JVNDB-2022-011161 // CNNVD: CNNVD-202205-3382 // NVD: CVE-2022-26725

REFERENCES

url:https://support.apple.com/en-us/ht213257

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2022-26725

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2022051701

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26725/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-38381

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2413

Trust: 0.6

url:https://support.apple.com/kb/ht213257

Trust: 0.1

sources: VULHUB: VHN-417394 // VULMON: CVE-2022-26725 // JVNDB: JVNDB-2022-011161 // CNNVD: CNNVD-202205-3382 // NVD: CVE-2022-26725

SOURCES

db:VULHUBid:VHN-417394
db:VULMONid:CVE-2022-26725
db:JVNDBid:JVNDB-2022-011161
db:CNNVDid:CNNVD-202205-3382
db:NVDid:CVE-2022-26725

LAST UPDATE DATE

2024-08-14T13:05:47.802000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-417394date:2022-06-07T00:00:00
db:JVNDBid:JVNDB-2022-011161date:2023-08-21T00:50:00
db:CNNVDid:CNNVD-202205-3382date:2022-06-08T00:00:00
db:NVDid:CVE-2022-26725date:2022-06-07T22:43:46.887

SOURCES RELEASE DATE

db:VULHUBid:VHN-417394date:2022-05-26T00:00:00
db:JVNDBid:JVNDB-2022-011161date:2023-08-21T00:00:00
db:CNNVDid:CNNVD-202205-3382date:2022-05-16T00:00:00
db:NVDid:CVE-2022-26725date:2022-05-26T19:15:08.730