Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310832761HistoryJan 08, 2024 - 12:00 a.m.
Apple Mac OS X Security Update (HT214048)
2024-01-0800:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
9
apple mac os x
security update
vulnerability
session rendering
macos sonoma
upgrade
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
29.9%
Apple Mac OS X is prone to an unspecified
vulnerability.
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.832761");
script_version("2024-02-09T14:47:30+0000");
script_cve_id("CVE-2023-42940");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:N/A:N");
script_tag(name:"last_modification", value:"2024-02-09 14:47:30 +0000 (Fri, 09 Feb 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-01-04 14:56:00 +0000 (Thu, 04 Jan 2024)");
script_tag(name:"creation_date", value:"2024-01-08 14:54:24 +0530 (Mon, 08 Jan 2024)");
script_name("Apple Mac OS X Security Update (HT214048)");
script_tag(name:"summary", value:"Apple Mac OS X is prone to an unspecified
vulnerability.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"The flaw exists due to a session rendering
issue in Apple macOS Sonoma.");
script_tag(name:"impact", value:"Successful exploitation will allow users who
shares their screen to share the incorrect content unintentionally.");
script_tag(name:"affected", value:"Apple macOS Sonoma prior to version 14.2.1");
script_tag(name:"solution", value:"Upgrade to version 14.2.1 for macOS Sonoma.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_xref(name:"URL", value:"https://support.apple.com/en-us/HT214048");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Mac OS X Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/osx_name", "ssh/login/osx_version");
exit(0);
}
include("version_func.inc");
osName = get_kb_item("ssh/login/osx_name");
if(!osName)
exit(0);
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer || osVer !~ "^14\." || "Mac OS X" >!< osName) {
exit(0);
}
if(version_is_less(version:osVer, test_version:"14.2.1")) {
report = report_fixed_ver(installed_version:osVer, fixed_version:"14.2.1");
security_message(port:0, data:report);
exit(0);
}
exit(99);
References
Related
nessus
nessus
macOS 14.x < 14.2.1 (HT214048)
2023-12-19 00:00:00
cve
cve
CVE-2023-42940
2023-12-19 22:15:07
cvelist
cvelist
CVE-2023-42940
2023-12-19 21:13:43
nvd
nvd
CVE-2023-42940
2023-12-19 22:15:07
prion
prion
Session fixation
2023-12-19 22:15:00
apple
apple
About the security content of macOS Sonoma 14.2.1
2023-12-19 00:00:00
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
AI Score
5.2
Confidence
High
EPSS
0.001
Percentile
29.9%
Related for OPENVAS:1361412562310832761