This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.
History

Thu, 19 Dec 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipados
Apple iphone Os
Apple macos
Apple visionos
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipados
Apple iphone Os
Apple macos
Apple visionos
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N'}


Thu, 12 Dec 2024 16:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Wed, 11 Dec 2024 23:15:00 +0000

Type Values Removed Values Added
Description This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in macOS Sequoia 15.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, visionOS 2.2. An attacker in a privileged network position may be able to alter network traffic.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-12-11T22:59:01.815Z

Updated: 2024-12-12T15:24:06.422Z

Reserved: 2024-12-03T22:50:35.497Z

Link: CVE-2024-54492

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2024-12-12T02:15:30.350

Modified: 2024-12-19T15:36:15.687

Link: CVE-2024-54492

cve-icon Redhat

No data.