Lucene search

K
cve[email protected]CVE-2017-7154
HistoryDec 27, 2017 - 5:08 p.m.

CVE-2017-7154

2017-12-2717:08:00
CWE-20
web.nvd.nist.gov
52
cve-2017-7154
apple
ios
macos
tvos
kernel
local users
memory-read
denial of service
nvd

6.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

6.4 Medium

AI Score

Confidence

High

5.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:N/A:C

0.0004 Low

EPSS

Percentile

0.4%

An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. The issue involves the “Kernel” component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (system crash).

6.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H

6.4 Medium

AI Score

Confidence

High

5.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:N/A:C

0.0004 Low

EPSS

Percentile

0.4%

Related for CVE-2017-7154