ID

VAR-202210-1496


CVE

CVE-2022-42796


TITLE

Apple macOS Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

DESCRIPTION

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges

Trust: 0.99

sources: NVD: CVE-2022-42796 // VULHUB: VHN-439576

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.7

Trust: 1.0

sources: NVD: CVE-2022-42796

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-42796
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202210-1644
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-42796
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202210-1644 // NVD: CVE-2022-42796

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2022-42796

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

PATCH

title:Apple macOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=212667

Trust: 0.6

sources: CNNVD: CNNVD-202210-1644

EXTERNAL IDS

db:NVDid:CVE-2022-42796

Trust: 1.7

db:AUSCERTid:ESB-2022.5300

Trust: 0.6

db:CNNVDid:CNNVD-202210-1644

Trust: 0.6

db:VULHUBid:VHN-439576

Trust: 0.1

sources: VULHUB: VHN-439576 // CNNVD: CNNVD-202210-1644 // NVD: CVE-2022-42796

REFERENCES

url:https://support.apple.com/en-us/ht213488

Trust: 2.3

url:https://support.apple.com/en-us/ht213445

Trust: 1.7

url:https://cxsecurity.com/cveshow/cve-2022-42796/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5300

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-39702

Trust: 0.6

sources: VULHUB: VHN-439576 // CNNVD: CNNVD-202210-1644 // NVD: CVE-2022-42796

SOURCES

db:VULHUBid:VHN-439576
db:CNNVDid:CNNVD-202210-1644
db:NVDid:CVE-2022-42796

LAST UPDATE DATE

2024-08-14T12:45:42.978000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-439576date:2022-11-03T00:00:00
db:CNNVDid:CNNVD-202210-1644date:2022-11-04T00:00:00
db:NVDid:CVE-2022-42796date:2022-11-03T03:52:34.787

SOURCES RELEASE DATE

db:VULHUBid:VHN-439576date:2022-11-01T00:00:00
db:CNNVDid:CNNVD-202210-1644date:2022-10-24T00:00:00
db:NVDid:CVE-2022-42796date:2022-11-01T20:15:22.770