{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-23239","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-01-12T22:22:21.480Z","datePublished":"2024-03-08T01:36:09.093Z","dateUpdated":"2026-04-02T18:24:19.629Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to leak sensitive user information"}]}],"affected":[{"vendor":"Apple","product":"iOS and iPadOS","versions":[{"version":"0","status":"affected","lessThan":"17.4","versionType":"custom"}]},{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"14.4","versionType":"custom"}]},{"vendor":"Apple","product":"tvOS","versions":[{"version":"0","status":"affected","lessThan":"17.4","versionType":"custom"}]},{"vendor":"Apple","product":"watchOS","versions":[{"version":"0","status":"affected","lessThan":"10.4","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A race condition was addressed with improved state handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, watchOS 10.4. An app may be able to leak sensitive user information."}],"references":[{"url":"https://support.apple.com/en-us/120881"},{"url":"https://support.apple.com/en-us/120882"},{"url":"https://support.apple.com/en-us/120893"},{"url":"https://support.apple.com/en-us/120895"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:24:19.629Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-362","lang":"en","description":"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.9,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"HIGH","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-03-13T21:01:31.786931Z","id":"CVE-2024-23239","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-13T21:07:32.221Z"}},{"title":"CVE Program Container","references":[{"url":"https://support.apple.com/en-us/HT214086","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT214081","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT214084","tags":["x_transferred"]},{"url":"https://support.apple.com/en-us/HT214088","tags":["x_transferred"]},{"url":"http://seclists.org/fulldisclosure/2024/Mar/21","tags":["x_transferred"]},{"url":"http://seclists.org/fulldisclosure/2024/Mar/25","tags":["x_transferred"]},{"url":"http://seclists.org/fulldisclosure/2024/Mar/24","tags":["x_transferred"]},{"url":"https://support.apple.com/kb/HT214088"},{"url":"https://support.apple.com/kb/HT214086"},{"url":"https://support.apple.com/kb/HT214084"},{"url":"https://support.apple.com/kb/HT214081"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-04T18:25:16.160Z"}}]}}