CVE-2018-4179Sensitive Information Exposure in Apple Macos High Sierra 10.13.4 Security Update 2018-002 Sierra AND Security Update 20

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 81.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple Macos High Sierra 10.13.4 Security Update 2018-002 Sierra AND Security Update 20
Timeline
PublishedJan 11
Latest updateMay 14

Description

In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDapple/mac_os_x10.13.010.13.4

🔴Vulnerability Details

1
GHSA
GHSA-2g4r-w789-9wg5: In macOS High Sierra before 102022-05-14

📋Vendor Advisories

1
Apple
CVE-2018-4179: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan2018-03-29