Cryptographic Vulnerability in Apple OS X Server
CVE-2016-1777

7.5HIGH

Key Information:

Vendor

Apple
Status
Mac Os X Server
Vendor
CVE Published:
24 March 2016

What is CVE-2016-1777?

The web server component of Apple OS X Server versions prior to 5.1 is vulnerable due to its support of the RC4 encryption algorithm. This outdated cryptographic method poses significant risks as it can be exploited by remote attackers to compromise the integrity and confidentiality of data transmitted over the network. The vulnerability arises from unspecified vectors that allow attackers to weaken cryptographic protections, making it essential for users of affected versions to update and mitigate potential security risks. For more information, consult the provided references for details and recommended actions.

References

http://www.securitytracker.com/id/1035342
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/85054
vdb-entryx_refsource_BID
https://support.apple.com/HT206173
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.