CVE-2024-23295

medium

Description

A permissions issue was addressed to help ensure Personas are always protected. This issue is fixed in visionOS 1.1. An unauthenticated user may be able to use an unprotected Persona.

References

https://support.apple.com/kb/HT214087

https://support.apple.com/en-us/HT214087

https://support.apple.com/en-us/120883

http://seclists.org/fulldisclosure/2024/Mar/26

Details

Source: Mitre, NVD

Published: 2024-03-08

Updated: 2026-04-02

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00096