CVE-2018-4298Apple TV vulnerability

5 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.3%
top 43.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Apple TVApple Iphone OSApple MAC OS X+1 more
Timeline
PublishedJan 11
Latest updateMay 13

Description

In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDapple/mac_os_x10.13.010.13.3
NVDapple/watchos< 4.2.2
NVDapple/apple_tv< 11.2.5
NVDapple/iphone_os< 11.2.5

🔴Vulnerability Details

2
GHSA
GHSA-6cxj-c4fv-jm22: In macOS High Sierra before 102022-05-13
CVEList
CVE-2018-4298: In macOS High Sierra before 102019-01-11

📋Vendor Advisories

2
Apple
CVE-2018-4298: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan2018-03-29
Apple
CVE-2018-4298: macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan2018-01-23
CVE-2018-4298 — Apple TV vulnerability | cvebase