Описание
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.12.6 (включая)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00069
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-521
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "Security" component. It allows attackers to bypass the keychain access prompt, and consequently extract passwords, via a synthetic click.
CVSS3: 6.2
fstec
больше 8 лет назад
Уязвимость компонента Security операционной системы MacOS, позволяющая нарушителю обойти защитные механизмы операционной системы
EPSS
Процентиль: 21%
0.00069
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-521