CVE-2015-1148 — Sensitive Information Exposure in Apple MAC OS X

CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.3%

top 46.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS X Apple OS X Yosemite V10.10.3 AND Security Update 2015-004

Timeline

PublishedApr 10

Latest updateJul 19

Description

Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/mac_os_x10.10.2

▶Appleapple/os_x_yosemite_v10.10.3_and_security_update_2015-004

🔴Vulnerability Details

OSV

libxmltok vulnerabilities↗2022-07-19

▶

GHSA

GHSA-7j64-fwrj-j8g2: Screen Sharing in Apple OS X before 10↗2022-05-17

▶

📋Vendor Advisories

Apple

CVE-2015-1148: OS X Yosemite v10.10.3 and Security Update 2015-004↗

▶