CVE-2011-0197Sensitive Information Exposure in Apple MAC OS X

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.0%
top 86.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJun 24
Latest updateMay 17

Description

App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x9 versions+8
NVDapple/mac_os_x_server9 versions+8

Patches

Patch: lists.apple.comPatch: support.apple.comPatch: lists.apple.com

🔴Vulnerability Details

2
GHSA
GHSA-fgcw-5764-g659: App Store in Apple Mac OS X before 102022-05-17
CVEList
CVE-2011-0197: App Store in Apple Mac OS X before 102011-06-24
CVE-2011-0197 — Sensitive Information Exposure in Apple | cvebase