CVE-2011-3213Apple MAC OS X vulnerability

CWE-2643 documents3 sources
Severity
7.6HIGHNVD
EPSS
0.2%
top 55.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedOct 14
Latest updateMay 17

Description

The File Systems component in Apple Mac OS X before 10.7.2 does not properly track the specific X.509 certificate that a user manually accepted for an initial https WebDAV connection, which allows man-in-the-middle attackers to hijack WebDAV communication by presenting an arbitrary certificate for a subsequent connection.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages2 packages

NVDapple/mac_os_x10.7.1+67
NVDapple/mac_os_x_server10.7.1+67

🔴Vulnerability Details

2
GHSA
GHSA-6qcx-92g2-v777: The File Systems component in Apple Mac OS X before 102022-05-17
CVEList
CVE-2011-3213: The File Systems component in Apple Mac OS X before 102011-10-14
CVE-2011-3213 — Apple MAC OS X vulnerability | cvebase