macOS High Sierra
by Apple Inc.
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13872 | Hig | 0.62 | 8.1 | 0.77 | Nov 29, 2017 | An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry… | ||
| CVE-2017-13908 | 0.00 | — | 0.00 | Dec 23, 2021 | An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute… | |||
| CVE-2017-13910 | 0.00 | — | 0.00 | Dec 23, 2021 | An access issue was addressed with additional sandbox restrictions on applications. This issue is fixed in macOS High Sierra 10.13. An application may be able to access restricted files. | |||
| CVE-2017-13909 | 0.00 | — | 0.00 | Dec 23, 2021 | An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens. | |||
| CVE-2017-13907 | 0.00 | — | 0.00 | Dec 23, 2021 | A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked. | |||
| CVE-2017-13892 | 0.00 | — | 0.00 | Dec 23, 2021 | An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may… | |||
| CVE-2017-13835 | 0.00 | — | 0.00 | Dec 23, 2021 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges. | |||
| CVE-2017-13905 | 0.00 | — | 0.01 | Dec 23, 2021 | A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges. | |||
| CVE-2017-13911 | 0.00 | — | 0.00 | Apr 3, 2019 | A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2. | |||
| CVE-2017-7151 | 0.00 | — | 0.00 | Apr 3, 2019 | A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4. | |||
| CVE-2017-13887 | 0.00 | — | 0.00 | Jan 11, 2019 | In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management. | |||
| CVE-2017-13886 | 0.00 | — | 0.00 | Jan 11, 2019 | In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions. |
- risk 0.62cvss 8.1epss 0.77
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Utility" component. It allows attackers to obtain administrator access without a password via certain interactions involving entry…
- CVE-2017-13908Dec 23, 2021risk 0.00cvss —epss 0.00
An issue in handling file permissions was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, macOS High Sierra 10.13. A local attacker may be able to execute…
- CVE-2017-13910Dec 23, 2021risk 0.00cvss —epss 0.00
An access issue was addressed with additional sandbox restrictions on applications. This issue is fixed in macOS High Sierra 10.13. An application may be able to access restricted files.
- CVE-2017-13909Dec 23, 2021risk 0.00cvss —epss 0.00
An issue existed in the storage of sensitive tokens. This issue was addressed by placing the tokens in Keychain. This issue is fixed in macOS High Sierra 10.13. A local attacker may gain access to iCloud authentication tokens.
- CVE-2017-13907Dec 23, 2021risk 0.00cvss —epss 0.00
A state management issue was addressed with improved state validation. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan. The screen lock may unexpectedly remain unlocked.
- CVE-2017-13892Dec 23, 2021risk 0.00cvss —epss 0.00
An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information. This issue is fixed in macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan. Sharing contact information may…
- CVE-2017-13835Dec 23, 2021risk 0.00cvss —epss 0.00
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS High Sierra 10.13. An application may be able to execute arbitrary code with elevated privileges.
- CVE-2017-13905Dec 23, 2021risk 0.00cvss —epss 0.01
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
- CVE-2017-13911Apr 3, 2019risk 0.00cvss —epss 0.00
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2.
- CVE-2017-7151Apr 3, 2019risk 0.00cvss —epss 0.00
A race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.
- CVE-2017-13887Jan 11, 2019risk 0.00cvss —epss 0.00
In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.
- CVE-2017-13886Jan 11, 2019risk 0.00cvss —epss 0.00
In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions.