4.8 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
7.9 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.3%
The Dictionary app in Apple OS X before 10.10.5 does not use HTTPS, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof word definitions by modifying the client-server data stream.
CPE | Name | Operator | Version |
---|---|---|---|
apple:mac_os_x | apple mac os x | le | 10.10.4 |