CVE-2011-3436

Open Directory in Apple Mac OS X 10.7 before 10.7.2 does not require a user to provide the current password before changing this password, which allows remote attackers to bypass intended password-change restrictions by leveraging an unattended workstation.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*

Information

Published : 2011-10-14 03:55

Updated : 2017-08-28 18:30


NVD link : CVE-2011-3436

Mitre link : CVE-2011-3436


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x
  • mac_os_x_server