CVE-2011-3212
First published: Fri Oct 14 2011(Updated: )
CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Server | =10.7.1 | |
| Apple macOS Server | =10.7.0 | |
| Apple iOS and macOS | =10.7.0 | |
| Apple iOS and macOS | =10.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-3212?
CVE-2011-3212 is classified as a moderate severity vulnerability.
How do I fix CVE-2011-3212?
To fix CVE-2011-3212, update your Mac OS X to version 10.7.2 or later.
What systems are affected by CVE-2011-3212?
CVE-2011-3212 affects Apple Mac OS X versions 10.7.0 and 10.7.1.
What type of vulnerability is CVE-2011-3212?
CVE-2011-3212 is a data protection vulnerability related to the FileVault feature.
Who can exploit CVE-2011-3212?
Physically proximate attackers can exploit CVE-2011-3212 to access unencrypted disk data.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple macos server
- version/apple macos server/10.7.1
- version/apple macos server/10.7.0
- canonical/apple ios and macos
- version/apple ios and macos/10.7.0
- version/apple ios and macos/10.7.1