Vulnerability Details CVE-2016-1774
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by reading backup data that lacks intended restrictions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html
- http://www.securityfocus.com/bid/85054
- http://www.securitytracker.com/id/1035342
- https://support.apple.com/HT206173
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00006.html
- http://www.securityfocus.com/bid/85054
- http://www.securitytracker.com/id/1035342
- https://support.apple.com/HT206173
Products affected by CVE-2016-1774
-
cpe:2.3:o:apple:mac_os_x_server:-
-
cpe:2.3:o:apple:mac_os_x_server:5.0.14
-
cpe:2.3:o:apple:mac_os_x_server:5.0.15
-
cpe:2.3:o:apple:mac_os_x_server:5.0.2
-
cpe:2.3:o:apple:mac_os_x_server:5.0.3