{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-27955","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","assignerShortName":"apple","dateUpdated":"2025-01-29T14:51:41.383Z","dateReserved":"2023-03-08T00:00:00.000Z","datePublished":"2023-05-08T00:00:00.000Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to read arbitrary files"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"13.3","versionType":"custom"}]},{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"unspecified","status":"affected","lessThan":"16.4","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"12.6","versionType":"custom"}]},{"vendor":"Apple","product":"tvOS","versions":[{"version":"unspecified","status":"affected","lessThan":"16.4","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"11.7","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Monterey 12.6.4, tvOS 16.4, macOS Big Sur 11.7.5. An app may be able to read arbitrary files."}],"references":[{"url":"https://support.apple.com/en-us/HT213670"},{"url":"https://support.apple.com/en-us/HT213676"},{"url":"https://support.apple.com/en-us/HT213677"},{"url":"https://support.apple.com/en-us/HT213674"},{"url":"https://support.apple.com/en-us/HT213675"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2023-07-27T03:46:15.357Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T12:23:30.481Z"},"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213670","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213676","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213677","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213674","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213675","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-29T14:50:17.512678Z","id":"CVE-2023-27955","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-29T14:51:41.383Z"}}]}}