Security features bypass in macOS - CVE-2021-30690

 

Security features bypass in macOS - CVE-2021-30690

Published: May 25, 2021


Vulnerability identifier: #VU53504
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2021-30690
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Apple Inc.
Affected software:
macOS

Detailed vulnerability description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

This entry describes multiple vulnerabilities in the Apache HTTP Server component shipped with the OS. The update resolves multiple issues present in Apache HTTP Server before 2.4.46.

For more information, see the following bulletin:

https://www.cybersecurity-help.cz/vdb/SB2020080806



How to mitigate CVE-2021-30690

Install updates from vendor's website.

Sources