CVE-2013-5163 — Improper Authentication in Apple MAC OS X

CWE-287 — Improper Authentication2 documents2 sources

Severity

6.6MEDIUMNVD

EPSS

0.0%

top 87.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X

Timeline

PublishedOct 4

Latest updateMay 17

Description

Directory Services in Apple Mac OS X before 10.8.5 Supplemental Update allows local users to bypass password-based authentication and modify arbitrary Directory Services records via unspecified vectors.

CVSS vector

AV:L/AC:L/C:N/I:C/A:CExploitability: 3.9 | Impact: 9.2

Affected Packages1 packages

▶NVDapple/mac_os_x10.8.5+5

🔴Vulnerability Details

GHSA

GHSA-w893-7wj8-65rv: Directory Services in Apple Mac OS X before 10↗2022-05-17

▶