CVE-2011-3452

2012-02-0218:55:01

CWE-200

apple

web.nvd.nist.gov

cve-2011-3452

apple

mac os x

internet sharing

wi-fi

software update

remote attackers

sensitive information

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

Internet Sharing in Apple Mac OS X before 10.7.3 does not preserve the Wi-Fi configuration across software updates, which allows remote attackers to obtain sensitive information by leveraging the lack of a WEP password for a Wi-Fi network.

Affected configurations

Nvd

Node

applemac_os_xRange≤10.7.2

applemac_os_xMatch10.7.0

applemac_os_xMatch10.7.1

applemac_os_x_serverRange≤10.7.2

applemac_os_x_serverMatch10.7.0

applemac_os_x_serverMatch10.7.1

VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
applemac_os_x10.7.0cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
applemac_os_x10.7.1cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
applemac_os_x_server*cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*
applemac_os_x_server10.7.0cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*
applemac_os_x_server10.7.1cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
apple	mac_os_x	10.7.0	cpe:2.3:o:apple:mac_os_x:10.7.0:::::::*
apple	mac_os_x	10.7.1	cpe:2.3:o:apple:mac_os_x:10.7.1:::::::*
apple	mac_os_x_server	*	cpe:2.3:o:apple:mac_os_x_server::::::::
apple	mac_os_x_server	10.7.0	cpe:2.3:o:apple:mac_os_x_server:10.7.0:::::::*
apple	mac_os_x_server	10.7.1	cpe:2.3:o:apple:mac_os_x_server:10.7.1:::::::*