Vulnerability & Exploit Database

Back to search

OS X update for Directory Utility (CVE-2017-13872)

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) November 28, 2017 November 29, 2017 December 17, 2017

Available Exploits 

Description

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry of the root user name.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

apple-osx-security-update-2017-001