CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
76.6%
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as trusted sites by using encryption without authentication, which can cause the lock icon in Safari to be displayed even when the site’s identity cannot be trusted.
Vendor | Product | Version | CPE |
---|---|---|---|
apple | mac_os_x | 10.3.9 | cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4 | cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.1 | cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.2 | cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.3 | cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.4 | cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.5 | cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.6 | cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:* |
apple | mac_os_x | 10.4.7 | cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:* |