CVE-2008-1578Sensitive Information Exposure in Apple MAC OS X

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 79.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJun 2
Latest updateMay 1

Description

The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the command line, which allows local users to obtain sensitive information by listing the process.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x4 versions+3
NVDapple/mac_os_x_server4 versions+3

Patches

Patch: lists.apple.comPatch: www.us-cert.govPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-8j9x-qhpc-gcg8: The sso_util program in Single Sign-On in Apple Mac OS X before 102022-05-01
CVEList
CVE-2008-1578: The sso_util program in Single Sign-On in Apple Mac OS X before 102008-06-02
CVE-2008-1578 — Sensitive Information Exposure in Apple | cvebase