{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-42796","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-04-22T15:35:05.136Z","dateReserved":"2022-10-11T00:00:00.000Z","datePublished":"2022-11-01T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2022-11-01T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges."}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"13","status":"affected","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","lessThan":"15.7","status":"affected","versionType":"custom"}]}],"references":[{"url":"https://support.apple.com/en-us/HT213445"},{"url":"https://support.apple.com/en-us/HT213488"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"An app may be able to gain elevated privileges"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T13:19:04.407Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213445","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213488","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-269","lang":"en","description":"CWE-269 Improper Privilege Management"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-22T15:34:27.294591Z","id":"CVE-2022-42796","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-22T15:35:05.136Z"}}]}}