CVE-2010-0521

Apple Mac OS X < 10.6.2 - Authentication Bypass

Title source: rule

Description

Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for directory binding, which allows remote attackers to obtain potentially sensitive information from Open Directory via unspecified LDAP requests.

References (2)

Scores

EPSS 0.0027
EPSS Percentile 49.9%

Classification

CWE
CWE-287
Status draft

Affected Products (16)

apple/mac_os_x
apple/mac_os_x
apple/mac_os_x
apple/mac_os_x_server < 10.6.2
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
apple/mac_os_x_server
... and 1 more

Timeline

Published Mar 30, 2010
Tracked Since Feb 18, 2026