macOS 10.13.x < 10.13.4 Multiple Vulnerabilities
critical Nessus Network Monitor Plugin ID 700515
Synopsis
The remote host is missing a macOS update that fixes multiple security vulnerabilities.Description
The remote host is running a version of macOS that is 10.13.x prior to 10.13.4. It is, therefore, affected by multiple vulnerabilities in the following components :- Admin Framework
- APFS
- ATS
- CoreFoundation
- CoreText
- Disk Images
- Disk Management
- File System Events
- iCloud Drive
- Intel Graphics Driver
- IOFireWireFamily
- Kernel
- kext tools
- LaunchServices
- Notes
- NSURLSession
- NVIDIA Graphics Drivers
- PDFKit
- PluginKit
- Quick Look
- Security
- Storage
- System Preferences
- Terminal
- WindowServer
Note that successful exploitation of the most serious issues can result in arbitrary code execution.
Solution
Upgrade to macOS version 10.13.4 or later.See Also
Plugin Details
Severity: Critical
ID: 700515
Family: Operating System Detection
Published: 4/10/2019
Updated: 4/10/2019
Nessus ID: 108786
Risk Information
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Temporal Vector: CVSS2#E:POC/RL:OF/RC:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Patch Publication Date: 3/29/2018
Vulnerability Publication Date: 3/29/2018
Reference Information
CVE: CVE-2017-8816, CVE-2017-13890, CVE-2018-4106, CVE-2018-4157, CVE-2018-4154, CVE-2018-4170, CVE-2018-4115, CVE-2018-4155, CVE-2018-4166, CVE-2018-4167, CVE-2018-4151, CVE-2018-4156, CVE-2018-4152, CVE-2018-4158, CVE-2018-4174, CVE-2018-4142, CVE-2018-4150, CVE-2018-4104, CVE-2018-4143, CVE-2018-4144, CVE-2018-4105, CVE-2018-4112, CVE-2018-4176, CVE-2018-4108, CVE-2018-4132, CVE-2018-4135, CVE-2018-4136, CVE-2018-4160, CVE-2018-4139, CVE-2018-4175, CVE-2018-4111, CVE-2018-4138, CVE-2018-4107, CVE-2018-4131
BID: 101998