Search for vulnerabilities
Vulnerability details: VCID-n31t-hm5b-aaam
Vulnerability ID VCID-n31t-hm5b-aaam
Aliases CVE-2022-46692
Summary A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.
Status Published
Exploitability 0.5
Weighted Severity 7.1
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 5.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46692.json
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 0.00094 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 7e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2022-46692
cvssv3.1 5.5 http://seclists.org/fulldisclosure/2022/Dec/20
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/20
cvssv3.1 5.5 http://seclists.org/fulldisclosure/2022/Dec/21
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/21
cvssv3.1 5.5 http://seclists.org/fulldisclosure/2022/Dec/23
cvssv3.1 8.2 http://seclists.org/fulldisclosure/2022/Dec/23
generic_textual HIGH http://seclists.org/fulldisclosure/2022/Dec/23
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/23
cvssv3.1 5.5 http://seclists.org/fulldisclosure/2022/Dec/26
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/26
cvssv3.1 5.5 http://seclists.org/fulldisclosure/2022/Dec/28
ssvc Track http://seclists.org/fulldisclosure/2022/Dec/28
cvssv3.1 5.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-46692
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-46692
cvssv3.1 5.5 https://security.gentoo.org/glsa/202305-32
ssvc Track https://security.gentoo.org/glsa/202305-32
cvssv3.1 5.5 https://support.apple.com/en-us/HT213530
ssvc Track https://support.apple.com/en-us/HT213530
cvssv3.1 5.5 https://support.apple.com/en-us/HT213531
ssvc Track https://support.apple.com/en-us/HT213531
cvssv3.1 5.5 https://support.apple.com/en-us/HT213532
ssvc Track https://support.apple.com/en-us/HT213532
cvssv3.1 5.5 https://support.apple.com/en-us/HT213535
ssvc Track https://support.apple.com/en-us/HT213535
cvssv3.1 5.5 https://support.apple.com/en-us/HT213536
ssvc Track https://support.apple.com/en-us/HT213536
cvssv3.1 5.5 https://support.apple.com/en-us/HT213537
ssvc Track https://support.apple.com/en-us/HT213537
cvssv3.1 5.5 https://support.apple.com/en-us/HT213538
ssvc Track https://support.apple.com/en-us/HT213538
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46692.json
https://api.first.org/data/v1/epss?cve=CVE-2022-46692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42856
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42867
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46699
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46700
http://seclists.org/fulldisclosure/2022/Dec/20
http://seclists.org/fulldisclosure/2022/Dec/21
http://seclists.org/fulldisclosure/2022/Dec/23
http://seclists.org/fulldisclosure/2022/Dec/26
http://seclists.org/fulldisclosure/2022/Dec/28
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.gentoo.org/glsa/202305-32
https://support.apple.com/en-us/HT213530
https://support.apple.com/en-us/HT213531
https://support.apple.com/en-us/HT213532
https://support.apple.com/en-us/HT213535
https://support.apple.com/en-us/HT213536
https://support.apple.com/en-us/HT213537
https://support.apple.com/en-us/HT213538
2156991 https://bugzilla.redhat.com/show_bug.cgi?id=2156991
cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
CVE-2022-46692 https://nvd.nist.gov/vuln/detail/CVE-2022-46692
RHSA-2023:2256 https://access.redhat.com/errata/RHSA-2023:2256
RHSA-2023:2834 https://access.redhat.com/errata/RHSA-2023:2834
USN-5797-1 https://usn.ubuntu.com/5797-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46692.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/20
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/20
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/21
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/21
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Found at http://seclists.org/fulldisclosure/2022/Dec/23
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/23
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/26
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/26
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at http://seclists.org/fulldisclosure/2022/Dec/28
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at http://seclists.org/fulldisclosure/2022/Dec/28
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-46692
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-46692
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://security.gentoo.org/glsa/202305-32
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://security.gentoo.org/glsa/202305-32
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213530
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213530
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213531
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213531
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213532
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213532
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213535
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213535
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213536
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213536
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213537
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213537
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Found at https://support.apple.com/en-us/HT213538
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T14:27:01Z/ Found at https://support.apple.com/en-us/HT213538
Exploit Prediction Scoring System (EPSS)
Percentile 0.40958
EPSS Score 0.00094
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.