macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-003)
high Nessus Plugin ID 119842
Language:
New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.
VPR Score: 6.7
Synopsis
The remote host is missing a macOS security update that fixes multiple vulnerabilities.Description
The remote host is running macOS 10.13.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities affecting the following components :- AMD
- Disk Images
- IOHIDFamily
- Kernel
- WindowServer
Solution
Install Security Update 2018-003 or later for 10.13.6.See Also
Plugin Details
Severity: High
ID: 119842
File Name: macosx_SecUpd_10_13_6_2018-003.nasl
Version: 1.7
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 12/21/2018
Updated: 3/13/2020
Dependencies: ssh_get_info.nasl
Risk Information
Risk Factor: High
VPR Score: 6.7
CVSS Score Source: CVE-2018-4465
CVSS v2.0
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Temporal Vector: CVSS2#E:POC/RL:OF/RC:C
CVSS v3.0
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*, cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/5/2018
Vulnerability Publication Date: 12/5/2018
Reference Information
CVE: CVE-2018-4435, CVE-2018-4421, CVE-2018-4449, CVE-2018-4427, CVE-2018-4447, CVE-2018-4465, CVE-2018-4450, CVE-2018-4462, CVE-2018-4431
BID: 106760
APPLE-SA: APPLE-SA-2018-12-05-2