Severity Rating: HIGH
Software Affected
Apple macOS server version prior to 5.10
Overview
A vulnerability has been reported in Apple macOS server which could allow a
remote attacker to obtain sensitive information and execute arbitrary code
on the targeted system.
Description
This vulnerability exist in Apple macOS server due to insufficient
sanitization of user-supplied data. A remote attacker could exploit this
vulnerability by sending a specially crafted HTML link.
Successful exploitation of this vulnerability could allow a remote attacker
to gain access sensitive information, change appearance of the web page and
perform phishing attacks on the targeted system.
Solution
Apply appropriate updates as mentioned in Apple Security Advisory HT211932
Vendor Information
Apple
References
Apple
CVE Name
CVE-2020-9995
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.