CVE-2016-1774

Name of the Vulnerable Software and Affected Versions OS X Server versions prior to 5.1

Description The issue is related to insufficient access control in the Time Machine server component of Server App in OS X Server. This can be exploited by a remote attacker to obtain sensitive information by reading backup data. The problem arises because the server does not notify the user about ignored permissions during a backup, making it easier for attackers to access restricted data in certain circumstances.

Recommendations For OS X Server versions prior to 5.1, update to version 5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to backup data to minimize the risk of exploitation.