CVE-2012-0652 — Sensitive Information Exposure in Apple MAC OS X

CWE-200 — Sensitive Information Exposure2 documents2 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 71.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedMay 11

Latest updateMay 17

Description

Login Window in Apple Mac OS X 10.7.3, when Legacy File Vault or networked home directories are enabled, does not properly restrict what is written to the system log for network logins, which allows local users to obtain sensitive information by reading the log.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDapple/mac_os_x10.7.3

🔴Vulnerability Details

GHSA

GHSA-fwm9-hj49-773x: Login Window in Apple Mac OS X 10↗2022-05-17

▶