CVE-2024-23201

MEDIUM Year: 2024
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-276
View all →

Vulnerability Description

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.7.4, watchOS 10.3, tvOS 17.3, macOS Ventura 13.6.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. An app may be able to cause a denial-of-service.

Related Vulnerabilities

CVE-2012-5578

MEDIUM
CVSS:6.2(Medium)

Python keyring has insecure permissions on new databases allowing world-readable files to be created

CWE-2762012

CVE-2024-22085

MEDIUM
CVSS:6.2(Medium)

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. The shadow file is world readable.

CWE-2762024

CVE-2024-23295

MEDIUM
CVSS:6.2(Medium)

A permissions issue was addressed to help ensure Personas are always protected This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.

CWE-2762024

CVE-2020-12075

MEDIUM
CVSS:6.3(Medium)

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.

CWE-2762020

CVE-2021-33333

MEDIUM
CVSS:6.3(Medium)

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which...

CWE-2762021

CVE-2021-3948

MEDIUM
CVSS:6.3(Medium)

An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cl...

CWE-2762021