PT-2019-7960 · Apple · Security Update 2018-001 El Capitan+2

Glenn G. Bruckno

Published

2019-01-11

Updated

2019-10-03

CVE-2017-13889

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS High Sierra versions prior to 10.13.3 Security Update 2018-001 Sierra (affected versions not specified) Security Update 2018-001 El Capitan (affected versions not specified)

Description A logic error existed in the validation of credentials. This issue was addressed with improved credential validation.

Recommendations For macOS High Sierra versions prior to 10.13.3, update to version 10.13.3 or later to resolve the issue. For Security Update 2018-001 Sierra and Security Update 2018-001 El Capitan, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2017-13889

Affected Products

Security Update 2018-001 El Capitan

Security Update 2018-001 Sierra

Macos High Sierra

PT-2019-7960 · Apple · Security Update 2018-001 El Capitan+2

CVE-2017-13889

Weakness Enumeration

Related Identifiers

Affected Products

References · 3