CVE-2013-5136
published 2013-10-24CVE-2013-5136: Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an…
medium4.3CVSS 3.1
AVNACMAuNCPINAN
Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_remote_desktop | <= 3.6.2 | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |
| apple | apple_remote_desktop | — | — |