Vulnerability-Lookup

CVE-2017-7149 (GCVE-0-2017-7149)

Vulnerability from cvelistv5 – Published: 2017-10-23 01:00 – Updated: 2024-08-05 15:56

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	https://hackernoon.com/new-macos-high-sierra-vuln…	x_refsource_MISC
	https://support.apple.com/HT208165	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039513	vdb-entryx_refsource_SECTRACK
	https://www.theregister.co.uk/2017/10/05/apple_pa…	x_refsource_MISC
	http://www.securityfocus.com/bid/101178	vdb-entryx_refsource_BID
	https://nakedsecurity.sophos.com/2017/10/05/urgen…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:56:34.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208165"
          },
          {
            "name": "1039513",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039513"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
          },
          {
            "name": "101178",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101178"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-23T09:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208165"
        },
        {
          "name": "1039513",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039513"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
        },
        {
          "name": "101178",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101178"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2017-7149",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79",
              "refsource": "MISC",
              "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
            },
            {
              "name": "https://support.apple.com/HT208165",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208165"
            },
            {
              "name": "1039513",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039513"
            },
            {
              "name": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/",
              "refsource": "MISC",
              "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
            },
            {
              "name": "101178",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101178"
            },
            {
              "name": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/",
              "refsource": "MISC",
              "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2017-7149",
    "datePublished": "2017-10-23T01:00:00",
    "dateReserved": "2017-03-17T00:00:00",
    "dateUpdated": "2024-08-05T15:56:34.871Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-7149\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2017-10-23T01:29:14.157\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \\\"StorageKit\\\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13 Supplemental Update. El problema implica el componente \\\"StorageKit\\\". Permite que atacantes averig\u00fcen las contrase\u00f1as para vol\u00famenes codificados por APFS leyendo sugerencias de Disk Utility debido a que el valor de sugerencia almacenado se ha establecido accidentalmente como la propia contrase\u00f1a, no como el valor de sugerencia introducido.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.13\",\"matchCriteriaId\":\"458CC776-A0BA-4229-BD11-EF6B7125F390\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/101178\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039513\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208165\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Press/Media Coverage\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/101178\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208165\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Press/Media Coverage\",\"Third Party Advisory\"]}]}}"
  }
}

VAR-201710-1349

Vulnerability from variot - Updated: 2025-04-20 23:25

An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the "StorageKit" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value. Apple macOS is prone to a local unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. The vulnerability stems from the fact that the program sets the stored prompt value as a password. This was addressed by clearing hint storage if the hint was the password, and by improving the logic for storing hints. CVE-2017-7149: Matheus Mariano of Leet Tech

Security Available for: macOS High Sierra 10.13 Impact: A malicious application can extract keychain passwords Description: A method existed for applications to bypass the keychain access prompt with a synthetic click. This was addressed by requiring the user password when prompting for keychain access. CVE-2017-7150: Patrick Wardle of Synack

New downloads of macOS High Sierra 10.13 include the security content of the macOS High Sierra 10.13 Supplemental Update.

Installation note:

macOS High Sierra 10.13 Supplemental Update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJZ1muIAAoJEIOj74w0bLRGK4YP/0po4Tefgarlu0uLyWAxst/6 KTtHK6sJs7wE0nsGJV1SUrKCLtuKo82mOkLJU5a7iS2qBcCLZVFr63HlG6nPDsJU mTfEGcUoVJMLy8BvkHxuQKA9h/4dymZ+4irQZ6ZxUKWYSIBowf0p2oWmwjxKY3v1 BNRx7bLnJH3bOej2EZbwGUVUMVWxlnGTeHQwGNrSoHlWQayZy/S9mJQRFlG8UlrQ C3EH8PxMNJKQuClP5WutREFzoY5uod4v24yFwlz1OdnyNhafprQnRUJaFlpiD0Fi oVf4OnuPOxI1txZ+QIN3virg3/TI/uLKYFpVatrw/sBiFPPD1W3PSHTGF3LtXAVf WFx7OQpAw/IFir2UZXMoOzMA7jrKgROn393/utbNVemoeUlr0SwG83zTsL/fmLGB m0u2PhHgUvTkGmTrdf8DCr1RCs20Q1KahkScUT3iBFoEGP+Tqy1PTgXb+2KFGKL3 nA8r7fWu1aFRu/rLUPO+cs46Y1LSqxmgYlYE1B2W5mpO03EUyNzq3aoI68s97+UI xka2V//xbhFTok4r08bLKK+KvNC2qan6MyMEqqp9PNsWOTtUoEw1EJTrQoQkMkjp /qPFwGe6LDOtxWDB1LMC80Ruto3CiSbkmLN6D9XLYKQnbuJSQiioU/VWIG5EN+lC +olewerlqcRryeVWc4IM =Frfq -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201710-1349",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "apple",
        "version": "10.13"
      },
      {
        "model": "mac os x",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.13"
      },
      {
        "model": "macos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.13"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:apple:mac_os_x",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matheus Mariano of Leet Tech",
    "sources": [
      {
        "db": "BID",
        "id": "101178"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-7149",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-7149",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-115352",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2017-7149",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-7149",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-7149",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201703-925",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-115352",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value. Apple macOS is prone to a local unauthorized-access vulnerability. \nAttackers can exploit this issue to gain unauthorized access to the  affected application. This may aid in further attacks. Apple macOS High Sierra is a set of dedicated operating systems developed by Apple (Apple) for Mac computers. The vulnerability stems from the fact that the program sets the stored prompt value as a password. This was \naddressed by clearing hint storage if the hint was the password, and \nby improving the logic for storing hints. \nCVE-2017-7149: Matheus Mariano of Leet Tech\n\nSecurity\nAvailable for: macOS High Sierra 10.13\nImpact: A malicious application can extract keychain passwords\nDescription: A method existed for applications to bypass the\nkeychain access prompt with a synthetic click. This was addressed by\nrequiring the user password when prompting for keychain access. \nCVE-2017-7150: Patrick Wardle of Synack\n\nNew downloads of macOS High Sierra 10.13 include the security\ncontent of the macOS High Sierra 10.13 Supplemental Update. \n\nInstallation note:\n\nmacOS High Sierra 10.13 Supplemental Update may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJZ1muIAAoJEIOj74w0bLRGK4YP/0po4Tefgarlu0uLyWAxst/6\nKTtHK6sJs7wE0nsGJV1SUrKCLtuKo82mOkLJU5a7iS2qBcCLZVFr63HlG6nPDsJU\nmTfEGcUoVJMLy8BvkHxuQKA9h/4dymZ+4irQZ6ZxUKWYSIBowf0p2oWmwjxKY3v1\nBNRx7bLnJH3bOej2EZbwGUVUMVWxlnGTeHQwGNrSoHlWQayZy/S9mJQRFlG8UlrQ\nC3EH8PxMNJKQuClP5WutREFzoY5uod4v24yFwlz1OdnyNhafprQnRUJaFlpiD0Fi\noVf4OnuPOxI1txZ+QIN3virg3/TI/uLKYFpVatrw/sBiFPPD1W3PSHTGF3LtXAVf\nWFx7OQpAw/IFir2UZXMoOzMA7jrKgROn393/utbNVemoeUlr0SwG83zTsL/fmLGB\nm0u2PhHgUvTkGmTrdf8DCr1RCs20Q1KahkScUT3iBFoEGP+Tqy1PTgXb+2KFGKL3\nnA8r7fWu1aFRu/rLUPO+cs46Y1LSqxmgYlYE1B2W5mpO03EUyNzq3aoI68s97+UI\nxka2V//xbhFTok4r08bLKK+KvNC2qan6MyMEqqp9PNsWOTtUoEw1EJTrQoQkMkjp\n/qPFwGe6LDOtxWDB1LMC80Ruto3CiSbkmLN6D9XLYKQnbuJSQiioU/VWIG5EN+lC\n+olewerlqcRryeVWc4IM\n=Frfq\n-----END PGP SIGNATURE-----\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "PACKETSTORM",
        "id": "144523"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-7149",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "101178",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1039513",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "144523",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-115352",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "PACKETSTORM",
        "id": "144523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "id": "VAR-201710-1349",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-20T23:25:55.723000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Apple security updates",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/HT201222"
      },
      {
        "title": "HT208165",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/HT208165"
      },
      {
        "title": "HT208165",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/HT208165"
      },
      {
        "title": "Apple macOS High Sierra StorageKit Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99688"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-200",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/101178"
      },
      {
        "trust": 1.7,
        "url": "https://support.apple.com/ht208165"
      },
      {
        "trust": 1.7,
        "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
      },
      {
        "trust": 1.7,
        "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
      },
      {
        "trust": 1.7,
        "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1039513"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7149"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7149"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.apple.com/macosx/"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://gpgtools.org"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7150"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "PACKETSTORM",
        "id": "144523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "db": "PACKETSTORM",
        "id": "144523"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "date": "2017-10-05T00:00:00",
        "db": "BID",
        "id": "101178"
      },
      {
        "date": "2017-11-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "date": "2017-10-05T18:22:22",
        "db": "PACKETSTORM",
        "id": "144523"
      },
      {
        "date": "2017-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "date": "2017-10-23T01:29:14.157000",
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-115352"
      },
      {
        "date": "2017-10-05T00:00:00",
        "db": "BID",
        "id": "101178"
      },
      {
        "date": "2017-11-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-7149"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "BID",
        "id": "101178"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple macOS of  StorageKit Encrypted in components  APFS Volume password vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-009370"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201703-925"
      }
    ],
    "trust": 0.6
  }
}

GHSA-7C54-6W6X-G29V

Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2025-04-20 03:47

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7149"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-10-23T01:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.",
  "id": "GHSA-7c54-6w6x-g29v",
  "modified": "2025-04-20T03:47:30Z",
  "published": "2022-05-13T01:46:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7149"
    },
    {
      "type": "WEB",
      "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
    },
    {
      "type": "WEB",
      "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208165"
    },
    {
      "type": "WEB",
      "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/101178"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1039513"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2017-7149

Vulnerability from fkie_nvd - Published: 2017-10-23 01:29 - Updated: 2025-04-20 01:37

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
product-security@apple.com	http://www.securityfocus.com/bid/101178	Third Party Advisory, VDB Entry
product-security@apple.com	http://www.securitytracker.com/id/1039513	Third Party Advisory, VDB Entry
product-security@apple.com	https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79	Exploit, Third Party Advisory
product-security@apple.com	https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/	Exploit, Technical Description, Third Party Advisory
product-security@apple.com	https://support.apple.com/HT208165	Vendor Advisory
product-security@apple.com	https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/	Exploit, Press/Media Coverage, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/101178	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039513	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/	Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208165	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/	Exploit, Press/Media Coverage, Third Party Advisory

Impacted products

	Vendor	Product	Version
	apple	mac_os_x	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "458CC776-A0BA-4229-BD11-EF6B7125F390",
              "versionEndIncluding": "10.13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de macOS anteriores a la 10.13 Supplemental Update. El problema implica el componente \"StorageKit\". Permite que atacantes averig\u00fcen las contrase\u00f1as para vol\u00famenes codificados por APFS leyendo sugerencias de Disk Utility debido a que el valor de sugerencia almacenado se ha establecido accidentalmente como la propia contrase\u00f1a, no como el valor de sugerencia introducido."
    }
  ],
  "id": "CVE-2017-7149",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-23T01:29:14.157",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101178"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039513"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208165"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101178"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Press/Media Coverage",
        "Third Party Advisory"
      ],
      "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-32739

Vulnerability from cnvd - Published: 2017-11-03

Title

Apple macOS High Sierra StorageKit信息泄露漏洞

Description

Apple macOS High Sierra是美国苹果（Apple）公司的一套专为Mac计算机所开发的专用操作系统。StorageKit component是其中的一个存储组件。 Apple macOS High Sierra 10.13之前的版本的StorageKit组件存在信息泄露漏洞，该漏洞源于程序将储存的提示值设置为密码。攻击者可通过读取Disk Utility的提示利用该漏洞获取APFS加密卷宗的密码。

Severity

低

Patch Name

Apple macOS High Sierra StorageKit信息泄露漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://support.apple.com/zh-cn/HT208165

Reference

http://seclists.org/fulldisclosure/2017/Oct/9 https://nvd.nist.gov/vuln/detail/CVE-2017-7149

Impacted products

Name
Apple macOS <10.13

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-7149"
    }
  },
  "description": "Apple macOS High Sierra\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002StorageKit component\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5b58\u50a8\u7ec4\u4ef6\u3002\r\n\r\nApple macOS High Sierra 10.13\u4e4b\u524d\u7684\u7248\u672c\u7684StorageKit\u7ec4\u4ef6\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5c06\u50a8\u5b58\u7684\u63d0\u793a\u503c\u8bbe\u7f6e\u4e3a\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bfb\u53d6Disk Utility\u7684\u63d0\u793a\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6APFS\u52a0\u5bc6\u5377\u5b97\u7684\u5bc6\u7801\u3002",
  "discovererName": "Matheus Mariano of Leet Tech",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://support.apple.com/zh-cn/HT208165",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-32739",
  "openTime": "2017-11-03",
  "patchDescription": "Apple macOS High Sierra\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\u3002StorageKit component\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5b58\u50a8\u7ec4\u4ef6\u3002\r\n\r\nApple macOS High Sierra 10.13\u4e4b\u524d\u7684\u7248\u672c\u7684StorageKit\u7ec4\u4ef6\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5c06\u50a8\u5b58\u7684\u63d0\u793a\u503c\u8bbe\u7f6e\u4e3a\u5bc6\u7801\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bfb\u53d6Disk Utility\u7684\u63d0\u793a\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6APFS\u52a0\u5bc6\u5377\u5b97\u7684\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apple macOS High Sierra StorageKit\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apple macOS \u003c10.13"
  },
  "referenceLink": "http://seclists.org/fulldisclosure/2017/Oct/9\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7149",
  "serverity": "\u4f4e",
  "submitTime": "2017-10-09",
  "title": "Apple macOS High Sierra StorageKit\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CERTFR-2017-AVI-334

Vulnerability from certfr_avis - Published: 2017-10-06 - Updated: 2017-10-06

De multiples vulnérabilités ont été découvertes dans les produits Apple . Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Apple	macOS	macOS High Sierra versions antérieures à 10.13
	Apple	N/A	watchOS versions antérieures à 4.0.1

References

Title

Publication Time

GSD-2017-7149

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-7149

Aliases

CVE-2017-7149

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7149",
    "description": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.",
    "id": "GSD-2017-7149"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7149"
      ],
      "details": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value.",
      "id": "GSD-2017-7149",
      "modified": "2023-12-13T01:21:06.901054Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2017-7149",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79",
            "refsource": "MISC",
            "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
          },
          {
            "name": "https://support.apple.com/HT208165",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208165"
          },
          {
            "name": "1039513",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039513"
          },
          {
            "name": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/",
            "refsource": "MISC",
            "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
          },
          {
            "name": "101178",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/101178"
          },
          {
            "name": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/",
            "refsource": "MISC",
            "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.13",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2017-7149"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is affected. The issue involves the \"StorageKit\" component. It allows attackers to discover passwords for APFS encrypted volumes by reading Disk Utility hints, because the stored hint value was accidentally set to the password itself, not the entered hint value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Press/Media Coverage",
                "Third Party Advisory"
              ],
              "url": "https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/"
            },
            {
              "name": "https://support.apple.com/HT208165",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT208165"
            },
            {
              "name": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/"
            },
            {
              "name": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79"
            },
            {
              "name": "1039513",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039513"
            },
            {
              "name": "101178",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/101178"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2017-10-23T01:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-7149 (GCVE-0-2017-7149)

VAR-201710-1349

GHSA-7C54-6W6X-G29V

FKIE_CVE-2017-7149

CNVD-2017-32739

CERTFR-2017-AVI-334

Solution

GSD-2017-7149

Tags

Sightings

Nomenclature