#VU58676 State Issues in macOS - CVE-2021-30904
Published: December 8, 2021
Vulnerability identifier: #VU58676
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2021-30904
CWE-ID: CWE-371
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
macOS
macOS
Software vendor:
Apple Inc.
Apple Inc.
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists in the iMessage due to software continues to sync even after successful log out. This leads to message being sent to the system where the user was previously logged in.
Remediation
Install updates from vendor's website.