var-201704-0716
Vulnerability from variot
An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the "Wiki Server" component. It allows remote attackers to enumerate user accounts via unspecified vectors. An attacker may leverage this issue to harvest valid usernames, which may aid in further attacks. Wiki Server is one of the web-based services that provides functions such as wikis, blogs, calendars, and contacts. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-03-27-7 macOS Server 5.3
macOS Server 5.3 is now available and addresses the following:
Profile Manager Available for: macOS 10.12.4 and later Impact: A remote user may be able to cause a denial-of-service Description: A crafted request may cause a global cache to grow indefinitely, leading to a denial-of-service. This was addressed by not caching unknown MIME types. CVE-2016-0751
Web Server Available for: macOS 10.12.4 and later Impact: A remote attacker may be able to cause a denial of service against the HTTP server via partial HTTP requests Description: This issue was addressed by adding mod_reqtimeout. CVE-2017-2382: Maris Kocins of SEMTEXX LTD
Installation note:
macOS Server 5.3 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGF7wP/jfxkNq1X/N7FcXsboILFYkn e5i+hnumf2VSjJnR9saAsQAdSxKxeiByq+j4GLVRiLTlcrLLKE03vYlBaDdQTy2U Y9qQ1HRu6wYwx38y3IQFr5JUQM2BG8yuaodfyQzgSEHUUqNMf0jZFpikub+c3PSh DNUok50Gq4+ifa389TNIs1BPnFZE1yzvXwbOJomweMbc1qXnyfs9yl+ZhgtI62uI E7SwLL2dMBnzWJm31VdZ8WPUtsN23LIBl02Jn60mZzERRsJ8q/+v5q1nTdx2BUkp 9dMShg5XS1pmH+NpZfiFoBCeCDLXrUydBUNWlrvuTJKZDzycEwp2NKtOxbCfzF/e 2B7+exz7C1i3sDkBa9ao/ifxQZR+6aXryvHQASI2M5lY3GUvSd4+e5DfXJ38Abar Od0OIKgVQ6IiXdseC0+NidPlsQiwkTh1jLHHIQzOi5sIo/wp+76XV88qkANBnC2n 8fPsCEXBMt+E3wju5fwLYQlCWz0dALYOtTkoPX7L5/LhBxdyk9YxGn/6OzTosjtC /uEdg7UB/+AKzN6XWbRHBO6hyfEqhotllD0cOYewP6ArfFf/LYAROPxxqvnZPx5b 6SzWprQPbywXJ4WILWbK94tkelJXy0q9ijfINrGojMwOJ+JcM6FwGot6SmOZEpqZ WRqXbE4VG2eU2fGJZ/Sw =a6xp -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0716",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os server",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.2"
},
{
"model": "macos server",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.3 (macos sierra 10.12.4 or later )"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "macos server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.10"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "macos server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.3"
},
{
"model": "os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.1.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.7.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
}
],
"sources": [
{
"db": "BID",
"id": "97128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Maris Kocins of SEMTEXX LTD",
"sources": [
{
"db": "BID",
"id": "97128"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
}
],
"trust": 0.9
},
"cve": "CVE-2017-2382",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2382",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-110585",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2382",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2382",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2382",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1253",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110585",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the \"Wiki Server\" component. It allows remote attackers to enumerate user accounts via unspecified vectors. \nAn attacker may leverage this issue to harvest valid usernames, which may aid in further attacks. Wiki Server is one of the web-based services that provides functions such as wikis, blogs, calendars, and contacts. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-03-27-7 macOS Server 5.3\n\nmacOS Server 5.3 is now available and addresses the following:\n\nProfile Manager\nAvailable for: macOS 10.12.4 and later\nImpact: A remote user may be able to cause a denial-of-service\nDescription: A crafted request may cause a global cache to grow\nindefinitely, leading to a denial-of-service. This was addressed by\nnot caching unknown MIME types. \nCVE-2016-0751\n\nWeb Server\nAvailable for: macOS 10.12.4 and later\nImpact: A remote attacker may be able to cause a denial of service\nagainst the HTTP server via partial HTTP requests\nDescription: This issue was addressed by adding mod_reqtimeout. \nCVE-2017-2382: Maris Kocins of SEMTEXX LTD\n\nInstallation note:\n\nmacOS Server 5.3 may be obtained from the Mac App Store. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGF7wP/jfxkNq1X/N7FcXsboILFYkn\ne5i+hnumf2VSjJnR9saAsQAdSxKxeiByq+j4GLVRiLTlcrLLKE03vYlBaDdQTy2U\nY9qQ1HRu6wYwx38y3IQFr5JUQM2BG8yuaodfyQzgSEHUUqNMf0jZFpikub+c3PSh\nDNUok50Gq4+ifa389TNIs1BPnFZE1yzvXwbOJomweMbc1qXnyfs9yl+ZhgtI62uI\nE7SwLL2dMBnzWJm31VdZ8WPUtsN23LIBl02Jn60mZzERRsJ8q/+v5q1nTdx2BUkp\n9dMShg5XS1pmH+NpZfiFoBCeCDLXrUydBUNWlrvuTJKZDzycEwp2NKtOxbCfzF/e\n2B7+exz7C1i3sDkBa9ao/ifxQZR+6aXryvHQASI2M5lY3GUvSd4+e5DfXJ38Abar\nOd0OIKgVQ6IiXdseC0+NidPlsQiwkTh1jLHHIQzOi5sIo/wp+76XV88qkANBnC2n\n8fPsCEXBMt+E3wju5fwLYQlCWz0dALYOtTkoPX7L5/LhBxdyk9YxGn/6OzTosjtC\n/uEdg7UB/+AKzN6XWbRHBO6hyfEqhotllD0cOYewP6ArfFf/LYAROPxxqvnZPx5b\n6SzWprQPbywXJ4WILWbK94tkelJXy0q9ijfINrGojMwOJ+JcM6FwGot6SmOZEpqZ\nWRqXbE4VG2eU2fGJZ/Sw\n=a6xp\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2382"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "BID",
"id": "97128"
},
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "PACKETSTORM",
"id": "141935"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2382",
"trust": 2.9
},
{
"db": "BID",
"id": "97128",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1038144",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU90482935",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-110585",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "141935",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "BID",
"id": "97128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "PACKETSTORM",
"id": "141935"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"id": "VAR-201704-0716",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-110585"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:55:57.130000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "HT207604",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207604"
},
{
"title": "HT207604",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207604"
},
{
"title": "Apple macOS Server Wiki Server Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74770"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/97128"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207604"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1038144"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2382"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2382"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90482935/index.html"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/in/macos/server/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-0751"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6750"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "BID",
"id": "97128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "PACKETSTORM",
"id": "141935"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-110585"
},
{
"db": "BID",
"id": "97128"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"db": "PACKETSTORM",
"id": "141935"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-110585"
},
{
"date": "2017-03-27T00:00:00",
"db": "BID",
"id": "97128"
},
{
"date": "2017-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"date": "2017-03-27T23:33:33",
"db": "PACKETSTORM",
"id": "141935"
},
{
"date": "2017-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"date": "2017-04-02T01:59:00.417000",
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-110585"
},
{
"date": "2017-03-29T00:02:00",
"db": "BID",
"id": "97128"
},
{
"date": "2017-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002414"
},
{
"date": "2017-09-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1253"
},
{
"date": "2024-11-21T03:23:24.880000",
"db": "NVD",
"id": "CVE-2017-2382"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple macOS Server of Wiki Server component enumeration vulnerability in server component",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002414"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1253"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…