CVE-2017-2382: Infoleak
First published: Sun Apr 02 2017(Updated: )
An issue was discovered in certain Apple products. macOS Server before 5.3 is affected. The issue involves the "Wiki Server" component. It allows remote attackers to enumerate user accounts via unspecified vectors.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Server | <=5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-2382?
CVE-2017-2382 has a medium severity level due to its ability to allow remote attackers to enumerate user accounts.
How do I fix CVE-2017-2382?
To mitigate CVE-2017-2382, upgrade your macOS Server to version 5.3 or later.
What products are affected by CVE-2017-2382?
CVE-2017-2382 affects macOS Server versions prior to 5.3.
What component is involved in CVE-2017-2382?
The vulnerability in CVE-2017-2382 involves the Wiki Server component of macOS Server.
Can CVE-2017-2382 be exploited remotely?
Yes, CVE-2017-2382 can be exploited remotely by attackers to enumerate user accounts.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple macos server
- version/apple macos server/5.2