CVE-2011-3215Apple MAC OS X vulnerability

CWE-2643 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 79.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedOct 14
Latest updateMay 17

Description

The kernel in Apple Mac OS X before 10.7.2 does not properly prevent FireWire DMA in the absence of a login, which allows physically proximate attackers to bypass intended access restrictions and discover a password by making a DMA request in the (1) loginwindow, (2) boot, or (3) shutdown state.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x10.7.1+67
NVDapple/mac_os_x_server10.7.1+67

🔴Vulnerability Details

2
GHSA
GHSA-5pc3-4xfr-ch2q: The kernel in Apple Mac OS X before 102022-05-17
CVEList
CVE-2011-3215: The kernel in Apple Mac OS X before 102011-10-14
CVE-2011-3215 — Apple MAC OS X vulnerability | cvebase