ID

VAR-202212-1527


CVE

CVE-2022-32833


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-023667

DESCRIPTION

An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history. apple's Safari , iOS , macOS Exists in unspecified vulnerabilities.Information may be obtained

Trust: 1.8

sources: NVD: CVE-2022-32833 // JVNDB: JVNDB-2022-023667 // VULHUB: VHN-424922 // VULMON: CVE-2022-32833

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.0

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:applemodel:safariscope:ltversion:16.0

Trust: 1.0

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion:13.0

Trust: 0.8

vendor:アップルmodel:safariscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-023667 // NVD: CVE-2022-32833

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32833
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32833
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202212-3334
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32833
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2022-32833
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023667 // CNNVD: CNNVD-202212-3334 // NVD: CVE-2022-32833

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-668

Trust: 0.1

sources: VULHUB: VHN-424922 // JVNDB: JVNDB-2022-023667 // NVD: CVE-2022-32833

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-3334

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-3334

PATCH

title:HT213442 Apple  Security updateurl:https://support.apple.com/en-us/HT213446

Trust: 0.8

title:Apple iOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=218513

Trust: 0.6

sources: JVNDB: JVNDB-2022-023667 // CNNVD: CNNVD-202212-3334

EXTERNAL IDS

db:NVDid:CVE-2022-32833

Trust: 3.4

db:JVNDBid:JVNDB-2022-023667

Trust: 0.8

db:CNNVDid:CNNVD-202212-3334

Trust: 0.6

db:VULHUBid:VHN-424922

Trust: 0.1

db:VULMONid:CVE-2022-32833

Trust: 0.1

sources: VULHUB: VHN-424922 // VULMON: CVE-2022-32833 // JVNDB: JVNDB-2022-023667 // CNNVD: CNNVD-202212-3334 // NVD: CVE-2022-32833

REFERENCES

url:https://support.apple.com/en-us/ht213446

Trust: 1.8

url:https://support.apple.com/kb/ht213442

Trust: 1.7

url:https://support.apple.com/kb/ht213488

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2022-32833

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-32833/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-424922 // VULMON: CVE-2022-32833 // JVNDB: JVNDB-2022-023667 // CNNVD: CNNVD-202212-3334 // NVD: CVE-2022-32833

SOURCES

db:VULHUBid:VHN-424922
db:VULMONid:CVE-2022-32833
db:JVNDBid:JVNDB-2022-023667
db:CNNVDid:CNNVD-202212-3334
db:NVDid:CVE-2022-32833

LAST UPDATE DATE

2024-08-14T14:30:49.718000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-424922date:2023-01-09T00:00:00
db:VULMONid:CVE-2022-32833date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023667date:2023-11-29T06:16:00
db:CNNVDid:CNNVD-202212-3334date:2022-12-26T00:00:00
db:NVDid:CVE-2022-32833date:2023-08-08T14:22:24.967

SOURCES RELEASE DATE

db:VULHUBid:VHN-424922date:2022-12-15T00:00:00
db:VULMONid:CVE-2022-32833date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023667date:2023-11-29T00:00:00
db:CNNVDid:CNNVD-202212-3334date:2022-12-15T00:00:00
db:NVDid:CVE-2022-32833date:2022-12-15T19:15:17.777