CVE-2002-2326 — Apple MAC OS X vulnerability

CWE-3102 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 30.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedDec 31

Latest updateApr 30

Description

The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDapple/mac_os_x11 versions+10

🔴Vulnerability Details

GHSA

GHSA-6m42-6g44-jmj9: The default configuration of Mail↗2022-04-30

▶