This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote host is running a version of MacOS that is affected by
a root authentication bypass vulnerability.
The remote host is running a version of MacOS 10.13 or 10.13.1 that
is missing a security update. It is, therefore, affected by a root
authentication bypass vulnerability. A local attacker or a remote
attacker with credentials for a standard user account has the ability
to blank out the root account password. This can allow an attacker to
escalate privileges to root and execute commands and read files as a
See also :
Install Security Update 2017-001 or later. Alternatively, enable the
root account and set a strong root account password.
Risk factor :
High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.4
Public Exploit Available : true