CVE-2018-4283

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6.

CVSS v3 5.5 MEDIUM
CVSS v2.0 4.9 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability : 3.9 / Impact : 6.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://support.apple.com/kb/HT208937	Vendor Advisory
https://support.apple.com/kb/HT208937	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-04-03 18:29

Updated : 2024-11-21 04:07

NVD link : CVE-2018-4283

Mitre link : CVE-2018-4283

CVE.ORG link : CVE-2018-4283

JSON object : View

Products Affected

apple

mac_os_x

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2018-4283", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-04-03T18:29:05.220", "references": [{"url": "https://support.apple.com/kb/HT208937", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT208937", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6."}, {"lang": "es", "value": "Exist\u00eda un problema de lectura fuera de l\u00edmites que conduc\u00eda a la divulgaci\u00f3n de memoria del kernel. Este problema se abord\u00f3 con una validaci\u00f3n de entradas mejorada. Este problema afectaba a macOS High Sierra en versiones anteriores a la 10.13.6."}], "lastModified": "2024-11-21T04:07:07.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84791309-ABCF-4701-B4BB-01EDFD6E8E8B", "versionEndExcluding": "10.13.6"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}