CVE-2016-4670

EPSS 0.06%
Published 20.02.2017 08:59:00
Last modified 20.04.2025 01:37:25
Source product-security@apple.com
Teams watchlist Login
Open Login

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. The issue involves the "Security" component. It allows local users to discover lengths of arbitrary passwords by reading a log.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ iPhone OS Version <= 10.0.3

Apple ≫ macOS X Version <= 10.12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.187

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.3	1.8	1.4	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

https://support.apple.com/HT207271

Vendor Advisory

https://support.apple.com/HT207275

Vendor Advisory

http://www.securityfocus.com/bid/94433

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-4670

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4670

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4670

EUVD