CVE-2002-2326

Published Dec 31, 2002

Last updated 16 years ago

CVSS info 5.0

Overview

Description: The default configuration of Mail.app in Mac OS X 10.0 through 10.0.4 and 10.1 through 10.1.5 sends iDisk authentication credentials in cleartext when connecting to Mac.com, which could allow remote attackers to obtain passwords by sniffing network traffic.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-310

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6"
          },
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References