CVE-2011-0231Sensitive Information Exposure in Apple MAC OS X

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 47.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedOct 14
Latest updateMay 17

Description

CFNetwork in Apple Mac OS X before 10.7.2 does not properly follow an intended cookie-storage policy, which makes it easier for remote web servers to track users via a cookie, related to a "synchronization issue."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x10.7.1+67
NVDapple/mac_os_x_server10.7.1+67

🔴Vulnerability Details

2
GHSA
GHSA-934g-h9g6-2f63: CFNetwork in Apple Mac OS X before 102022-05-17
CVEList
CVE-2011-0231: CFNetwork in Apple Mac OS X before 102011-10-14
CVE-2011-0231 — Sensitive Information Exposure in Apple | cvebase