Lucene search

AppleCVE-2021-30790

HistorySep 08, 2021 - 2:15 p.m.

CVE-2021-30790

2021-09-0814:15:11

apple

web.nvd.nist.gov

cve-2021-30790

information disclosure

vulnerability

macos

big sur

catalina

mojave

security update

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

51.1%

JSON

An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

Affected configurations

Nvd

Vulners

Node

applemac_os_xRange10.14–10.14.5

applemac_os_xRange10.15–10.15.6

applemac_os_xMatch10.14.6-

applemac_os_xMatch10.14.6security_update_2019-001

applemac_os_xMatch10.14.6security_update_2019-002

applemac_os_xMatch10.14.6security_update_2019-004

applemac_os_xMatch10.14.6security_update_2019-005

applemac_os_xMatch10.14.6security_update_2019-006

applemac_os_xMatch10.14.6security_update_2019-007

applemac_os_xMatch10.14.6security_update_2020-001

applemac_os_xMatch10.14.6security_update_2020-002

applemac_os_xMatch10.14.6security_update_2020-003

applemac_os_xMatch10.14.6security_update_2020-004

applemac_os_xMatch10.14.6security_update_2020-005

applemac_os_xMatch10.14.6security_update_2020-006

applemac_os_xMatch10.14.6security_update_2020-007

applemac_os_xMatch10.14.6security_update_2021-001

applemac_os_xMatch10.14.6security_update_2021-002

applemac_os_xMatch10.14.6security_update_2021-003

applemac_os_xMatch10.14.6security_update_2021-004

applemac_os_xMatch10.14.6supplemental_update

applemac_os_xMatch10.14.6supplemental_update_2

applemac_os_xMatch10.15.7-

applemac_os_xMatch10.15.7security_update_2020

applemac_os_xMatch10.15.7security_update_2020-001

applemac_os_xMatch10.15.7security_update_2020-005

applemac_os_xMatch10.15.7security_update_2020-007

applemac_os_xMatch10.15.7security_update_2021-001

applemac_os_xMatch10.15.7security_update_2021-002

applemac_os_xMatch10.15.7security_update_2021-003

applemac_os_xMatch10.15.7supplemental_update

applemacosRange11.0–11.5

VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
applemac_os_x10.14.6cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:-::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001::::::
apple	mac_os_x	10.14.6	cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002::::::

Rows per page:

1-10 of 311

CNA Affected

[
  {
    "product": "Security Update - Catalina",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "2021",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "11.5",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "2021",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]