CVE-2015-5887
Description
The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data.
Risk Information
Base Score
9.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.752
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.3 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.2 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.1 Update | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234