CVE-2014-4425

EUVD-2014-4352
CFPreferences in Apple OS X before 10.10 does not properly enforce the "require password after sleep or screen saver begins" setting, which makes it easier for physically proximate attackers to obtain access by leveraging an unattended workstation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Affected Products (NVD)
VendorProductVersion
applemac_os_x
𝑥
≤ 10.9.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
http://www.securityfocus.com/bid/70630
http://www.securitytracker.com/id/1031063
https://exchange.xforce.ibmcloud.com/vulnerabilities/97640
https://support.apple.com/kb/HT6535
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
http://www.securityfocus.com/bid/70630
http://www.securitytracker.com/id/1031063
https://exchange.xforce.ibmcloud.com/vulnerabilities/97640
https://support.apple.com/kb/HT6535