Unrated severityNVD Advisory· Published Oct 24, 2013· Updated Apr 29, 2026

CVE-2013-5143

Description

The RADIUS service in Server App in Apple OS X Server before 3.0 selects a fallback X.509 certificate in unspecified circumstances, which might allow man-in-the-middle attackers to hijack RADIUS sessions by leveraging knowledge of the private key that matches this fallback certificate.

Affected products

Apple Inc./Os X Server6 versions
cpe:2.3:o:apple:os_x_server:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:apple:os_x_server:*:*:*:*:*:*:*:*range: <=2.2.2
- cpe:2.3:o:apple:os_x_server:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:os_x_server:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:os_x_server:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:os_x_server:2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:os_x_server:2.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2013/Oct/msg00006.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000