Backup Data Exposure in Time Machine Server on Apple OS X
CVE-2016-1774

5.3MEDIUM

Key Information:

Vendor

Apple
Status
Mac Os X Server
Vendor
CVE Published:
24 March 2016

What is CVE-2016-1774?

The Time Machine server in Apple OS X Server prior to version 5.1 fails to alert users when permissions are ignored during backup processes. This oversight can enable remote attackers to exploit the situation, potentially reading sensitive information from backup data that should have been restricted. As a result, it poses a risk of data exposure, impacting users' privacy and security.

References

http://www.securitytracker.com/id/1035342
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/85054
vdb-entryx_refsource_BID
https://support.apple.com/HT206173
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-1774 : Backup Data Exposure in Time Machine Server on Apple OS X