CVE-2013-0982

CWE-200Information Exposure3 documents3 sources
Severity
1.7LOW
EPSS
0.1%
top 80.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple MAC OS X Server
Timeline
PublishedJun 5
Latest updateMay 17

Description

The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage of permanent cookies upon exit from Safari, which might allow physically proximate attackers to bypass cookie-based authentication by leveraging an unattended workstation.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.1 | Impact: 2.9

Affected Packages2 packages

NVDapple/mac_os_x10.8.3+9
NVDapple/mac_os_x_server6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-m5hv-9846-hpc9: The Private Browsing feature in CFNetwork in Apple Mac OS X before 102022-05-17
CVEList
CVE-2013-0982: The Private Browsing feature in CFNetwork in Apple Mac OS X before 102013-06-05
CVE-2013-0982 (LOW CVSS 1.7) | The Private Browsing feature in CFN | cvebase.io