CVE-2011-3212

{"id": "CVE-2011-3212", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-10-14T10:55:08.307", "references": [{"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "source": "product-security@apple.com"}, {"url": "http://osvdb.org/76362", "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT5002", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT5281", "source": "product-security@apple.com"}, {"url": "http://www.securityfocus.com/bid/50085", "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/76362", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://support.apple.com/kb/HT5002", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://support.apple.com/kb/HT5281", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/50085", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "CoreStorage in Apple Mac OS X 10.7 before 10.7.2 does not ensure that all disk data is encrypted during the enabling of FileVault, which makes it easier for physically proximate attackers to obtain sensitive information by reading directly from the disk device."}, {"lang": "es", "value": "CoreStorage en Apple Mac OS X v10.7 anterior a v10.7 no asegura que toda la informaci\u00f3n de disco est\u00e1 encriptada durante la activaci\u00f3n de FileVault, lo que hace m\u00e1s f\u00e1cil a atacantes pr\u00f3ximos f\u00edsicamente obtener informaci\u00f3n sensible leyendo directamente del dispositivo de disco."}], "lastModified": "2024-11-21T01:29:59.557", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8961F444-48C4-4B54-829B-A1A2D0F2716C"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09A0FA11-6211-4962-A6E0-F00732818012"}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38823717-65A1-4587-8F05-32EA9A01084C"}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BD4E77C-3F87-476B-BB66-75EECDFDB18E"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}