PT-2021-8559 · Apple · Apple Macos
Andreas Nilsson
·
Published
2021-12-23
·
Updated
2022-01-05
·
CVE-2017-13909
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
macOS versions prior to 10.13
Description
A local attacker may gain access to iCloud authentication tokens due to an issue in the storage of sensitive tokens. The issue was addressed by placing the tokens in Keychain.
Recommendations
For versions prior to 10.13, update to macOS High Sierra 10.13 to fix the issue.
Fix
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos