Unrated severityNVD Advisory· Published Oct 14, 2011· Updated Jun 16, 2026
CVE-2011-3436
CVE-2011-3436
Description
Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
- (no CPE)range: <10.7.2
cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.