Lucene search

[email protected]NVD:CVE-2017-13837

HistoryApr 03, 2018 - 6:29 a.m.

CVE-2017-13837

2018-04-0306:29:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

53.8%

JSON

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the “Installer” component. It does not properly restrict an app’s entitlements for accessing the FileVault unlock key.

Affected configurations

Nvd

Node

applemac_os_xMatch10.13.0

VendorProductVersionCPE
applemac_os_x10.13.0cpe:2.3:o:apple:mac_os_x:10.13.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	10.13.0	cpe:2.3:o:apple:mac_os_x:10.13.0:::::::*

References

support.apple.com/HT208144

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

53.8%

JSON

Related for NVD:CVE-2017-13837

prion1 cvelist1 cve1 openvas1 apple2 nessus1