103582

1040604

1040608

https://support.apple.com/HT208692

https://support.apple.com/HT208693

https://support.apple.com/HT208694

https://support.apple.com/HT208696

https://support.apple.com/HT208697

https://support.apple.com/HT208698

The version of Apple iOS running on the mobile device is prior to 11.3. It is, therefore, affected by multiple vulnerabilities.

The remote host is running a version of macOS that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components :

 - Admin Framework
 - APFS
 - ATS
 - CoreFoundation
 - CoreText
 - Disk Images
 - Disk Management
 - File System Events
 - iCloud Drive
 - Intel Graphics Driver
 - IOFireWireFamily
 - Kernel
 - kext tools
 - LaunchServices
 - Mail
 - Notes
 - NSURLSession
 - NVIDIA Graphics Drivers
 - PDFKit
 - PluginKit
 - Quick Look
 - Security
 - Storage
 - System Preferences
 - Terminal
 - WindowServer

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

According to its banner, the version of Apple TV on the remote device is prior to 11.3. It is, therefore, affected by multiple vulnerabilities as described in the HT208698 security advisory.

Note that only 4th and 5th generation models are affected by these vulnerabilities.

The version of Apple iTunes installed on the remote Windows host is prior to 12.7.4. It is, therefore, affected by multiple vulnerabilities in WebKit as referenced in the HT208694 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components :

  - ATS
  - CFNetwork Session
  - CoreFoundation
  - CoreTypes
  - curl
  - Disk Images
  - iCloud Drive
  - Kernel
  - kext tools
  - LaunchServices
  - PluginKit
  - Security
  - Storage
  - Terminal

The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components :

  - Admin Framework
  - APFS
  - ATS
  - CoreFoundation
  - CoreText
  - Disk Images
  - Disk Management
  - File System Events
  - iCloud Drive
  - Intel Graphics Driver
  - IOFireWireFamily
  - Kernel
  - kext tools
  - LaunchServices
  - Mail
  - Notes
  - NSURLSession
  - NVIDIA Graphics Drivers
  - PDFKit
  - PluginKit
  - Quick Look
  - Security
  - Storage
  - System Preferences
  - Terminal
  - WindowServer

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

ID	Name	Product	Family	Severity
700548	Apple iOS < 11.3 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
700515	macOS 10.13.x < 10.13.4 Multiple Vulnerabilities	Nessus Network Monitor	Operating System Detection	critical
109060	Apple TV < 11.3 Multiple Vulnerabilities	Nessus	Misc.	high
108812	Apple iOS < 11.3 Multiple Vulnerabilities	Nessus	Mobile Devices	high
108796	Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	high
108795	Apple iTunes < 12.7.4 WebKit Multiple Vulnerabilities (credentialed check)	Nessus	Windows	high
108787	macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-002)	Nessus	MacOS X Local Security Checks	high
108786	macOS 10.13.x < 10.13.4 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical

CVE-2018-4144

HIGH

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins

high

critical

high

high

high

high

high

critical