CVE-2018-4310Improper Privilege Management in Apple Macos Mojave

CWE-269Improper Privilege Management5 documents3 sources
Severity
10.0CRITICALNVD
EPSS
1.1%
top 22.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple MAC OS XApple IOS+2 more
Timeline
PublishedApr 3
Latest updateMay 13

Description

An access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages5 packages

Appleapple/macos_mojave10.14
NVDapple/mac_os_x< 10.14
NVDapple/iphone_os< 12.0
Appleapple/ios12

🔴Vulnerability Details

1
GHSA
GHSA-pg95-hjj5-gw29: An access issue was addressed with additional sandbox restrictions2022-05-13

📋Vendor Advisories

3
Apple
CVE-2018-4310: macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra2018-10-30
Apple
CVE-2018-4310: macOS Mojave 10.142018-09-24
Apple
CVE-2018-4310: iOS 122018-09-17