CVE-2013-5143

3 documents3 sources
Severity
6.8MEDIUM
EPSS
0.2%
top 59.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple OS X Server
Timeline
PublishedOct 24
Latest updateMay 17

Description

The RADIUS service in Server App in Apple OS X Server before 3.0 selects a fallback X.509 certificate in unspecified circumstances, which might allow man-in-the-middle attackers to hijack RADIUS sessions by leveraging knowledge of the private key that matches this fallback certificate.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDapple/os_x_server2.2.2+5

🔴Vulnerability Details

2
GHSA
GHSA-vx62-2fm4-r5vw: The RADIUS service in Server App in Apple OS X Server before 32022-05-17
CVEList
CVE-2013-5143: The RADIUS service in Server App in Apple OS X Server before 32013-10-24
CVE-2013-5143 (MEDIUM CVSS 6.8) | The RADIUS service in Server App in | cvebase.io