Details of VAR-202209-1788

ID

VAR-202209-1788

CVE

CVE-2022-32790

TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-018253

DESCRIPTION

This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service. iPadOS , iOS , Apple Mac OS X Unspecified vulnerabilities exist in multiple Apple products.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-32790 // JVNDB: JVNDB-2022-018253 // VULHUB: VHN-424879

AFFECTED PRODUCTS

vendor:	apple	model:	macos	scope:	lt	version:	12.4	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	15.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	12.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	15.5	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	8.6	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	11.6.6	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.15.7	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	15.5	Trust: 1.0
vendor:	apple	model:	macos	scope:	gte	version:	11.0	Trust: 1.0
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	watchos	scope:	eq	version:	8.6	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	apple mac os x	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-018253 // NVD: CVE-2022-32790

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-32790
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-32790
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202209-2447
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-32790
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-32790
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-018253 // CNNVD: CNNVD-202209-2447 // NVD: CVE-2022-32790

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-018253 // NVD: CVE-2022-32790

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-2447

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202209-2447

PATCH

title:	HT213257 Apple Security update	url:	https://support.apple.com/en-us/HT213253	Trust: 0.8
title:	Multiple Apple product Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=209277	Trust: 0.6

sources: JVNDB: JVNDB-2022-018253 // CNNVD: CNNVD-202209-2447

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32790	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-018253	Trust: 0.8
db:	CNNVD	id:	CNNVD-202209-2447	Trust: 0.6
db:	VULHUB	id:	VHN-424879	Trust: 0.1

sources: VULHUB: VHN-424879 // JVNDB: JVNDB-2022-018253 // CNNVD: CNNVD-202209-2447 // NVD: CVE-2022-32790

REFERENCES

url:	https://support.apple.com/en-us/ht213253	Trust: 1.7
url:	https://support.apple.com/en-us/ht213254	Trust: 1.7
url:	https://support.apple.com/en-us/ht213255	Trust: 1.7
url:	https://support.apple.com/en-us/ht213256	Trust: 1.7
url:	https://support.apple.com/en-us/ht213257	Trust: 1.7
url:	https://support.apple.com/en-us/ht213258	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2022-32790	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-32790/	Trust: 0.6

sources: VULHUB: VHN-424879 // JVNDB: JVNDB-2022-018253 // CNNVD: CNNVD-202209-2447 // NVD: CVE-2022-32790

SOURCES

db:	VULHUB	id:	VHN-424879
db:	JVNDB	id:	JVNDB-2022-018253
db:	CNNVD	id:	CNNVD-202209-2447
db:	NVD	id:	CVE-2022-32790

LAST UPDATE DATE

2024-08-14T14:24:30.550000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-424879	date:	2023-01-09T00:00:00
db:	JVNDB	id:	JVNDB-2022-018253	date:	2023-10-19T05:56:00
db:	CNNVD	id:	CNNVD-202209-2447	date:	2022-09-28T00:00:00
db:	NVD	id:	CVE-2022-32790	date:	2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-424879	date:	2022-09-23T00:00:00
db:	JVNDB	id:	JVNDB-2022-018253	date:	2023-10-19T00:00:00
db:	CNNVD	id:	CNNVD-202209-2447	date:	2022-09-23T00:00:00
db:	NVD	id:	CVE-2022-32790	date:	2022-09-23T19:15:12.347