CVE-2021-30722Sensitive Information Exposure in Apple Macos

8 documents5 sources
Severity
5.9MEDIUMNVD
EPSS
0.5%
top 34.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple MAC OS X
Timeline
PublishedSep 8
Latest updateMay 24

Description

An information disclosure issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. An attacker in a privileged network position may be able to leak sensitive user information.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

CVEListV5apple/macosunspecified11.4+1
NVDapple/macos11.0.111.4
NVDapple/mac_os_x10.14.010.14.5+3

🔴Vulnerability Details

2
GHSA
GHSA-7rv6-hgv9-m9mm: An information disclosure issue was addressed with improved state management2022-05-24
CVEList
CVE-2021-30722: An information disclosure issue was addressed with improved state management2021-09-08

📋Vendor Advisories

3
Apple
CVE-2021-30722: macOS Big Sur 11.42021-05-24
Apple
CVE-2021-30722: Security Update 2021-003 Catalina2021-05-24
Apple
CVE-2021-30722: Security Update 2021-004 Mojave2021-05-24

🕵️Threat Intelligence

2
Talos
Vulnerability Spotlight: A deep dive into macOS SMB server2021-06-02
Talos
Vulnerability Spotlight: A deep dive into macOS SMB server2021-06-02
CVE-2021-30722 — Sensitive Information Exposure | cvebase