CVE-2023-42843

CVE Database · CVE-2023-42843

CVE-2023-42843

· MEDIUMAnalyzed

CVSS v3.1

4.3

EPSS

0.86%

Published

Feb 21, 2024

Modified

Dec 9, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-290CWE-290

Affected Products (9)

apple · safari (up to 17.1)vulnerable

apple · ipad_os (up to 16.7.2)vulnerable

apple · ipad_os (up to 17.1)vulnerable

apple · iphone_os (up to 16.7.2)vulnerable

apple · iphone_os (up to 17.1)vulnerable

apple · macosvulnerable

fedoraproject · fedoravulnerable