{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-42889","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2023-09-14T19:05:11.460Z","datePublished":"2024-02-21T06:40:41.273Z","dateUpdated":"2025-11-04T19:23:13.709Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to bypass certain Privacy preferences"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"14.1","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"13.6","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"unspecified","status":"affected","lessThan":"12.7","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to bypass certain Privacy preferences."}],"references":[{"url":"https://support.apple.com/en-us/HT213984"},{"url":"https://support.apple.com/en-us/HT213985"},{"url":"https://support.apple.com/en-us/HT213983"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2024-02-21T06:40:41.273Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-290","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-02-21T15:28:22.411218Z","id":"CVE-2023-42889","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-25T15:30:01.836Z"}},{"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT213984","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213985","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT213983","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT213985"},{"url":"https://support.apple.com/kb/HT213984"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T19:23:13.709Z"}}]}}