High severity7.8NVD Advisory· Published Oct 23, 2017· Updated Jun 17, 2026
CVE-2017-7149
CVE-2017-7149
Description
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
6- hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79nvdExploitThird Party Advisory
- nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/nvdExploitTechnical DescriptionThird Party Advisory
- www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/nvdExploitPress/Media CoverageThird Party Advisory
- www.securityfocus.com/bid/101178nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039513nvdThird Party AdvisoryVDB Entry
- support.apple.com/HT208165nvdVendor Advisory
News mentions
0No linked articles in our index yet.