Apple · Macos X · CVE-2012-3720
**Name of the Vulnerable Software and Affected Versions**
Mac OS X versions prior to 10.7.5
Mac OS X versions 10.8.x prior to 10.8.2
**Description**
The issue allows remote attackers to potentially determine passwords via unspecified access to a mobile account, as password hashes for external-account use are saved even if external accounts are not enabled.
**Recommendations**
For Mac OS X versions prior to 10.7.5, update to version 10.7.5 or later.
For Mac OS X versions 10.8.x prior to 10.8.2, update to version 10.8.2 or later.