Lucene search

[email protected]NVD:CVE-2020-9810

HistoryOct 22, 2020 - 6:15 p.m.

CVE-2020-9810

2020-10-2218:15:13

[email protected]

web.nvd.nist.gov

logic issue

macos catalina

bypass login window

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

29.0%

JSON

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.5. A person with physical access to a Mac may be able to bypass Login Window.

Affected configurations

Nvd

Node

applemac_os_xRange10.15.4–10.15.5

VendorProductVersionCPE
applemac_os_x*cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	mac_os_x	*	cpe:2.3:o:apple:mac_os_x::::::::

References

support.apple.com/kb/HT211170

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

29.0%

JSON

Related for NVD:CVE-2020-9810

prion1 cvelist1 cve1 apple2