PT-2019-19070 · Apple · Apple Macos

Colin Meginnis

Published

2019-12-18

Updated

2021-07-21

CVE-2019-8522

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.14.4

Description A logic issue was addressed with improved state management, which allowed an encrypted volume to be unmounted and remounted by a different user without prompting for the password.

Recommendations For versions prior to 10.14.4, update to macOS Mojave 10.14.4 to resolve the issue.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2019-8522

Affected Products

Apple Macos

PT-2019-19070 · Apple · Apple Macos

CVE-2019-8522

Weakness Enumeration

Related Identifiers

Affected Products

References · 3