CVE-2018-4289Sensitive Information Exposure in Apple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 55.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MAC OS XApple Macos High Sierra 10.13.6 Security Update 2018-004 Sierra Security Update 2018-0
Timeline
PublishedApr 3
Latest updateMay 14

Description

An information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

NVDapple/mac_os_x< 10.13.6

🔴Vulnerability Details

1
GHSA
GHSA-h2cf-4p3r-3f7h: An information disclosure issue was addressed by removing the vulnerable code2022-05-14

📋Vendor Advisories

1
Apple
CVE-2018-4289: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan2018-07-09