Описание
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.8.5 (включая)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 3.6.2 (включая)
cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00066
Низкий
3.7 Low
CVSS2
Дефекты
CWE-254
Связанные уязвимости
github
больше 3 лет назад
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.
EPSS
Процентиль: 21%
0.00066
Низкий
3.7 Low
CVSS2
Дефекты
CWE-254