CVE-2023-32360
Published: 23 June 2023
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
cups Launchpad, Ubuntu, Debian |
bionic |
Released
(2.2.7-1ubuntu2.10+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
| focal |
Released
(2.3.1-9ubuntu1.5)
|
|
| jammy |
Released
(2.4.1op1-1ubuntu4.6)
|
|
| lunar |
Released
(2.4.2-3ubuntu2.4)
|
|
| mantic |
Not vulnerable
(2.4.6-0ubuntu1)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Needs triage
|
|
| xenial |
Released
(2.1.3-4ubuntu0.11+esm5)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
|
Patches: upstream: https://github.com/OpenPrinting/cups/commit/a0c8b9c9556882f00c68b9727a95a1b6d1452913 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
References
- https://support.apple.com/en-us/HT213760
- https://support.apple.com/en-us/HT213759
- https://support.apple.com/en-us/HT213758
- https://ubuntu.com/security/notices/USN-6361-1
- https://ubuntu.com/security/notices/USN-6361-2
- https://www.cve.org/CVERecord?id=CVE-2023-32360
- NVD
- Launchpad
- Debian