Cryptographic Vulnerability in Apple OS X Server Product
CVE-2016-4754

7.5HIGH

Key Information:

Vendor
Apple
Status
Os X Server
Vendor
CVE Published:
25 September 2016

Summary

In earlier versions of OS X Server, the software provides support for the insecure RC4 cipher, potentially allowing remote attackers to exploit this weakness. By doing so, attackers may circumvent cryptographic protections, leading to unauthorized access and data exposure. It is crucial for users to upgrade to version 5.2 or later to mitigate this vulnerability and enhance their security posture.

References

https://support.apple.com/HT207171
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036853
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/93061
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.