CVE-2011-3462

MEDIUM

Description

Time Machine in Apple Mac OS X before 10.7.3 does not verify the unique identifier of its remote AFP volume or Time Capsule, which allows remote attackers to obtain sensitive information contained in new backups by spoofing this storage object, a different vulnerability than CVE-2010-1803.

References

http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html

http://support.apple.com/kb/HT5130

Details

Source: MITRE

Published: 2012-02-02

Updated: 2012-02-03

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM