CVE-2010-0512
Published Mar 30, 2010
Last updated 14 years ago
Overview
- Description
- The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials.
- Source
- product-security@apple.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Evaluator
- Comment
- -
- Impact
- Per: http://support.apple.com/kb/HT4077 'This issue only affects systems configured to use a network account server, and does not affect systems prior to Mac OS X v10.6.'
- Solution
- Per: http://support.apple.com/kb/HT4077 'This issue only affects systems configured to use a network account server, and does not affect systems prior to Mac OS X v10.6.'
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C69DEE9-3FA5-408E-AD27-F5E7043F852A"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D25D1FD3-C291-492C-83A7-0AFAFAADC98D"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B565F77-C310-4B83-B098-22F9489C226C"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26E34E35-CCE9-42BE-9AFF-561D8AA90E25"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A04FF6EE-D4DA-4D70-B0CE-154292828531"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9425320F-D119-49EB-9265-3159070DFE93"
}
],
"operator": "OR"
}
]
}
]