Vulnerability & Exploit Database

Back to search

OS X update for Directory Utility (CVE-2017-13872)

Severity CVSS Published Added Modified
4 (AV:L/AC:M/Au:N/C:P/I:P/A:P) November 28, 2017 November 29, 2017 December 06, 2017

Description

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

apple-osx-security-update-2017-001