ID CVE-2017-13871
Summary An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of an S/MIME certificate by the recipient.
References
Vulnerable Configurations
  • Apple Mac OS X
    cpe:2.3:o:apple:mac_os_x
  • Apple Mac OS X 10.0
    cpe:2.3:o:apple:mac_os_x:10.0
  • Apple Mac OS X 10.0.0
    cpe:2.3:o:apple:mac_os_x:10.0.0
  • Apple Mac OS X 10.0.1
    cpe:2.3:o:apple:mac_os_x:10.0.1
  • Apple Mac OS X 10.0.2
    cpe:2.3:o:apple:mac_os_x:10.0.2
  • Apple Mac OS X 10.0.3
    cpe:2.3:o:apple:mac_os_x:10.0.3
  • Apple Mac OS X 10.0.4
    cpe:2.3:o:apple:mac_os_x:10.0.4
  • Apple Mac OS X 10.1
    cpe:2.3:o:apple:mac_os_x:10.1
  • Apple Mac OS X 10.1.0
    cpe:2.3:o:apple:mac_os_x:10.1.0
  • Apple Mac OS X 10.1.1
    cpe:2.3:o:apple:mac_os_x:10.1.1
  • Apple Mac OS X 10.1.2
    cpe:2.3:o:apple:mac_os_x:10.1.2
  • Apple Mac OS X 10.1.3
    cpe:2.3:o:apple:mac_os_x:10.1.3
  • Apple Mac OS X 10.1.4
    cpe:2.3:o:apple:mac_os_x:10.1.4
  • Apple Mac OS X 10.1.5
    cpe:2.3:o:apple:mac_os_x:10.1.5
  • Apple Mac OS X 10.2
    cpe:2.3:o:apple:mac_os_x:10.2
  • Apple Mac OS X 10.2.0
    cpe:2.3:o:apple:mac_os_x:10.2.0
  • Apple Mac OS X 10.2.1
    cpe:2.3:o:apple:mac_os_x:10.2.1
  • Apple Mac OS X 10.2.2
    cpe:2.3:o:apple:mac_os_x:10.2.2
  • Apple Mac OS X 10.2.3
    cpe:2.3:o:apple:mac_os_x:10.2.3
  • Apple Mac OS X 10.2.4
    cpe:2.3:o:apple:mac_os_x:10.2.4
  • Apple Mac OS X 10.2.5
    cpe:2.3:o:apple:mac_os_x:10.2.5
  • Apple Mac OS X 10.2.6
    cpe:2.3:o:apple:mac_os_x:10.2.6
  • Apple Mac OS X 10.2.7
    cpe:2.3:o:apple:mac_os_x:10.2.7
  • Apple Mac OS X 10.2.8
    cpe:2.3:o:apple:mac_os_x:10.2.8
  • Apple Mac OS X 10.3
    cpe:2.3:o:apple:mac_os_x:10.3
  • Apple Mac OS X 10.3.0
    cpe:2.3:o:apple:mac_os_x:10.3.0
  • Apple Mac OS X 10.3.1
    cpe:2.3:o:apple:mac_os_x:10.3.1
  • Apple Mac OS X 10.3.2
    cpe:2.3:o:apple:mac_os_x:10.3.2
  • Apple Mac OS X 10.3.3
    cpe:2.3:o:apple:mac_os_x:10.3.3
  • Apple Mac OS X 10.3.4
    cpe:2.3:o:apple:mac_os_x:10.3.4
  • Apple Mac OS X 10.3.5
    cpe:2.3:o:apple:mac_os_x:10.3.5
  • Apple Mac OS X 10.3.6
    cpe:2.3:o:apple:mac_os_x:10.3.6
  • Apple Mac OS X 10.3.7
    cpe:2.3:o:apple:mac_os_x:10.3.7
  • Apple Mac OS X 10.3.8
    cpe:2.3:o:apple:mac_os_x:10.3.8
  • Apple Mac OS X 10.3.9
    cpe:2.3:o:apple:mac_os_x:10.3.9
  • Apple Mac OS X 10.4
    cpe:2.3:o:apple:mac_os_x:10.4
  • Apple Mac OS X 10.4.0
    cpe:2.3:o:apple:mac_os_x:10.4.0
  • Apple Mac OS X 10.4.1
    cpe:2.3:o:apple:mac_os_x:10.4.1
  • Apple Mac OS X 10.4.2
    cpe:2.3:o:apple:mac_os_x:10.4.2
  • Apple Mac OS X 10.4.3
    cpe:2.3:o:apple:mac_os_x:10.4.3
  • Apple Mac OS X 10.4.4
    cpe:2.3:o:apple:mac_os_x:10.4.4
  • Apple Mac OS X 10.4.5
    cpe:2.3:o:apple:mac_os_x:10.4.5
  • Apple Mac OS X 10.4.6
    cpe:2.3:o:apple:mac_os_x:10.4.6
  • Apple Mac OS X 10.4.7
    cpe:2.3:o:apple:mac_os_x:10.4.7
  • Apple Mac OS X 10.4.8
    cpe:2.3:o:apple:mac_os_x:10.4.8
  • Apple Mac OS X 10.4.9
    cpe:2.3:o:apple:mac_os_x:10.4.9
  • Apple Mac OS X 10.4.10
    cpe:2.3:o:apple:mac_os_x:10.4.10
  • Apple Mac OS X 10.4.11
    cpe:2.3:o:apple:mac_os_x:10.4.11
  • Apple Mac OS X 10.5
    cpe:2.3:o:apple:mac_os_x:10.5
  • Apple Mac OS X 10.5.0
    cpe:2.3:o:apple:mac_os_x:10.5.0
  • Apple Mac OS X 10.5.1
    cpe:2.3:o:apple:mac_os_x:10.5.1
  • Apple Mac OS X 10.5.2
    cpe:2.3:o:apple:mac_os_x:10.5.2
  • Apple Mac OS X 10.5.3
    cpe:2.3:o:apple:mac_os_x:10.5.3
  • Apple Mac OS X 10.5.4
    cpe:2.3:o:apple:mac_os_x:10.5.4
  • Apple Mac OS X 10.5.5
    cpe:2.3:o:apple:mac_os_x:10.5.5
  • Apple Mac OS X 10.5.6
    cpe:2.3:o:apple:mac_os_x:10.5.6
  • Apple Mac OS X 10.5.7
    cpe:2.3:o:apple:mac_os_x:10.5.7
  • Apple Mac OS X 10.5.8
    cpe:2.3:o:apple:mac_os_x:10.5.8
  • Apple Mac OS X 10.6.0
    cpe:2.3:o:apple:mac_os_x:10.6.0
  • Apple Mac OS X 10.6.1
    cpe:2.3:o:apple:mac_os_x:10.6.1
  • Apple Mac OS X 10.6.2
    cpe:2.3:o:apple:mac_os_x:10.6.2
  • Apple Mac OS X 10.6.3
    cpe:2.3:o:apple:mac_os_x:10.6.3
  • Apple Mac OS X 10.6.4
    cpe:2.3:o:apple:mac_os_x:10.6.4
  • Apple Mac OS X 10.6.5
    cpe:2.3:o:apple:mac_os_x:10.6.5
  • Apple Mac OS X 10.6.6
    cpe:2.3:o:apple:mac_os_x:10.6.6
  • Apple Mac OS X 10.6.7
    cpe:2.3:o:apple:mac_os_x:10.6.7
  • Apple Mac OS X 10.6.8
    cpe:2.3:o:apple:mac_os_x:10.6.8
  • Apple Mac OS X 10.7.0
    cpe:2.3:o:apple:mac_os_x:10.7.0
  • Apple Mac OS X 10.7.1
    cpe:2.3:o:apple:mac_os_x:10.7.1
  • Apple Mac OS X 10.7.2
    cpe:2.3:o:apple:mac_os_x:10.7.2
  • Apple Mac OS X 10.7.3
    cpe:2.3:o:apple:mac_os_x:10.7.3
  • Apple Mac OS X 10.7.4
    cpe:2.3:o:apple:mac_os_x:10.7.4
  • Apple Mac OS X 10.7.5
    cpe:2.3:o:apple:mac_os_x:10.7.5
  • Apple Mac OS X 10.8.0
    cpe:2.3:o:apple:mac_os_x:10.8.0
  • Apple Mac OS X 10.8.1
    cpe:2.3:o:apple:mac_os_x:10.8.1
  • Apple Mac OS X 10.8.2
    cpe:2.3:o:apple:mac_os_x:10.8.2
  • Apple Mac OS X 10.8.3
    cpe:2.3:o:apple:mac_os_x:10.8.3
  • Apple Mac OS X 10.8.4
    cpe:2.3:o:apple:mac_os_x:10.8.4
  • Apple Mac OS X 10.8.5
    cpe:2.3:o:apple:mac_os_x:10.8.5
  • Apple Mac OS X 10.8.5 Supplemental Update
    cpe:2.3:o:apple:mac_os_x:10.8.5:supplemental_update
  • Apple Mac OS X 10.9
    cpe:2.3:o:apple:mac_os_x:10.9
  • Apple Mac OS X 10.9.1 (Mavericks)
    cpe:2.3:o:apple:mac_os_x:10.9.1
  • Apple Mac OS X 10.9.2
    cpe:2.3:o:apple:mac_os_x:10.9.2
  • Apple Mac OS X 10.9.3
    cpe:2.3:o:apple:mac_os_x:10.9.3
  • Apple Mac OS X 10.9.4
    cpe:2.3:o:apple:mac_os_x:10.9.4
  • Apple Mac OS X 10.9.5
    cpe:2.3:o:apple:mac_os_x:10.9.5
  • Apple Mac OS X 10.10.0
    cpe:2.3:o:apple:mac_os_x:10.10.0
  • Apple Mac OS X 10.10.1
    cpe:2.3:o:apple:mac_os_x:10.10.1
  • Apple Mac OS X Yosemite 10.10.2
    cpe:2.3:o:apple:mac_os_x:10.10.2
  • Apple Mac OS X 10.10.3
    cpe:2.3:o:apple:mac_os_x:10.10.3
  • Apple Mac OS X 10.10.4
    cpe:2.3:o:apple:mac_os_x:10.10.4
  • Apple Mac OS X 10.10.5
    cpe:2.3:o:apple:mac_os_x:10.10.5
  • Apple Mac OS X 10.11.0
    cpe:2.3:o:apple:mac_os_x:10.11.0
  • Apple Mac OS X 10.11.1
    cpe:2.3:o:apple:mac_os_x:10.11.1
  • Apple Mac OS X 10.11.2
    cpe:2.3:o:apple:mac_os_x:10.11.2
  • Apple Mac OS X 10.11.3
    cpe:2.3:o:apple:mac_os_x:10.11.3
  • Apple Mac OS X 10.11.4
    cpe:2.3:o:apple:mac_os_x:10.11.4
  • Apple Mac OS X 10.11.5
    cpe:2.3:o:apple:mac_os_x:10.11.5
  • Apple Mac OS X 10.11.6
    cpe:2.3:o:apple:mac_os_x:10.11.6
  • Apple Mac OS X 10.12
    cpe:2.3:o:apple:mac_os_x:10.12
  • Apple macOS 10.12.0
    cpe:2.3:o:apple:mac_os_x:10.12.0
  • Apple Mac OS X 10.12.1
    cpe:2.3:o:apple:mac_os_x:10.12.1
  • Apple Mac OS X 10.12.2
    cpe:2.3:o:apple:mac_os_x:10.12.2
  • Apple Mac OS X 10.12.3
    cpe:2.3:o:apple:mac_os_x:10.12.3
  • Apple Mac OS X 10.12.4
    cpe:2.3:o:apple:mac_os_x:10.12.4
  • Apple Mac OS X 10.12.5
    cpe:2.3:o:apple:mac_os_x:10.12.5
  • Apple Mac OS X 10.12.6
    cpe:2.3:o:apple:mac_os_x:10.12.6
  • Apple Mac OS X 10.13
    cpe:2.3:o:apple:mac_os_x:10.13
  • Apple Mac OS X 10.13.0
    cpe:2.3:o:apple:mac_os_x:10.13.0
  • Apple Mac OS X 10.13.1
    cpe:2.3:o:apple:mac_os_x:10.13.1
CVSS
Base: 5.0
Impact:
Exploitability:
nessus via4
NASL family MacOS X Local Security Checks
NASL id MACOS_10_13_2.NASL
description The remote host is running a version of Mac OS X that is 10.13.x prior to 10.13.2. It is, therefore, affected by multiple vulnerabilities in the following components : - apache - curl - Directory Utility - IOAcceleratorFamily - IOKit - Intel Graphics Driver - Kernel - Mail - Mail Drafts - OpenSSL - Screen Sharing Server Note that successful exploitation of the most serious issues can result in arbitrary code execution.
last seen 2019-02-21
modified 2018-07-14
plugin id 105080
published 2017-12-07
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=105080
title macOS 10.13.x < 10.13.2 Multiple Vulnerabilities (Meltdown)
refmap via4
bid 102099
confirm https://support.apple.com/HT208331
sectrack 1039966
Last major update 25-12-2017 - 16:29
Published 25-12-2017 - 16:29
Last modified 02-10-2019 - 20:03
Back to Top