New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 2.5
SynopsisThe remote host has an application installed that is prone to a man-in-the-middle attack.
DescriptionThe remote Mac OS X host has Apple Xcode prior to 5.0 installed. It, therefore, includes a version of git in which the imap-send command reportedly does not verify that a server hostname matches the domain name in its X.509 certificate. A man-in-the-middle attacker could leverage this vulnerability to spoof SSL servers via an arbitrary valid certificate.
SolutionUpgrade to Apple Xcode version 5.0 or later, available for OS X Mountain Lion 10.8.4 or later.