A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was addressed by implementing the Secure Remote Password authentication protocol. This issue is fixed in Apple Remote Desktop 3.9. An attacker may be able to capture cleartext passwords.
References
Link | Resource |
---|---|
https://support.apple.com/en-us/HT207622 | Vendor Advisory |
https://support.apple.com/en-us/HT207622 | Vendor Advisory |
Configurations
History
21 Nov 2024, 03:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.apple.com/en-us/HT207622 - Vendor Advisory |
07 Jan 2022, 15:44
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
References | (MISC) https://support.apple.com/en-us/HT207622 - Vendor Advisory | |
CWE | CWE-327 | |
CPE | cpe:2.3:a:apple:remote_desktop:*:*:*:*:*:*:*:* |
23 Dec 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-12-23 20:15
Updated : 2024-11-21 03:23
NVD link : CVE-2017-2488
Mitre link : CVE-2017-2488
CVE.ORG link : CVE-2017-2488
JSON object : View
Products Affected
apple
- remote_desktop
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm