CVE-2017-13907Apple Macos vulnerability

4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
0.1%
top 81.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple MAC OS X
Timeline
PublishedDec 23
Latest updateDec 24

Description

A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5apple/macosunspecified10.13
NVDapple/mac_os_x10.1110.11.6+2

🔴Vulnerability Details

2
GHSA
GHSA-663j-r8mg-5ccg: A state management issue was addressed with improved state validation2021-12-24
CVEList
CVE-2017-13907: A state management issue was addressed with improved state validation2021-12-23

📋Vendor Advisories

1
Apple
CVE-2017-13907: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan2017-10-31
CVE-2017-13907 — Apple Macos vulnerability | cvebase