{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-32904","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-05-06T19:25:01.820Z","dateReserved":"2022-06-09T00:00:00.000Z","datePublished":"2022-11-01T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2022-11-01T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data."}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"13","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"11.7","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"12.6","status":"affected","versionType":"custom"}]}],"references":[{"url":"https://support.apple.com/en-us/HT213443"},{"url":"https://support.apple.com/en-us/HT213444"},{"url":"https://support.apple.com/en-us/HT213488"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"An app may be able to access user-sensitive data"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T07:54:03.143Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213443","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213444","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213488","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-284","lang":"en","description":"CWE-284 Improper Access Control"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-05-06T19:24:30.438956Z","id":"CVE-2022-32904","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-06T19:25:01.820Z"}}]}}