Lucene search

AppleCVE-2017-7082

HistoryOct 23, 2017 - 1:29 a.m.

CVE-2017-7082

2017-10-2301:29:11

CWE-200

apple

web.nvd.nist.gov

apple

macos

security issue

cve-2017-7082

screen lock

application firewall

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

2.4

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.8

Confidence

Low

EPSS

0.001

Percentile

38.8%

JSON

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the “Screen Lock” component. It allows physically proximate attackers to read Application Firewall prompts.

Affected configurations

Nvd

Node

applemac_os_xRange≤10.12.6

VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::

References

www.securityfocus.com/bid/100993

www.securitytracker.com/id/1039427

support.apple.com/HT208144

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

2.4

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.8

Confidence

Low

EPSS

0.001

Percentile

38.8%

JSON

Related for CVE-2017-7082