CVE-2014-4425

medium

Description

CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.

References

https://support.apple.com/kb/HT6535

https://exchange.xforce.ibmcloud.com/vulnerabilities/97640

http://www.securitytracker.com/id/1031063

http://www.securityfocus.com/bid/70630

http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html

Details

Source: Mitre, NVD

Published: 2014-10-18

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 6.8

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H