CVE-2024-23242

CVE Database · CVE-2024-23242

CVE-2024-23242

· LOWModified

CVSS v3.1

3.3

EPSS

0.21%

Published

Mar 7, 2024

Modified

Apr 2, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A privacy issue was addressed by not logging contents of text fields. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. An app may be able to view Mail data.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-532CWE-532

Affected Products (3)

apple · ipad_os (up to 17.4)vulnerable

apple · iphone_os (up to 17.4)vulnerable

apple · macos (up to 14.4)vulnerable

References (7)

https://support.apple.com/en-us/120893

https://support.apple.com/en-us/120895

http://seclists.org/fulldisclosure/2024/Mar/21

Mailing List

https://support.apple.com/en-us/HT214081

Vendor Advisory

https://support.apple.com/en-us/HT214084

Vendor Advisory

https://support.apple.com/kb/HT214081

https://support.apple.com/kb/HT214084

KEV Catalog EPSS Scores Vendors All CVEs