Sign-up

ID

VAR-201508-0445


CVE

CVE-2015-3799


TITLE

Apple OS X of Apple ID OD Vulnerability to change arbitrary user password in plug-in

Trust: 0.8

sources: JVNDB: JVNDB-2015-004286

DESCRIPTION

The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app. An attacker must have shell access to exploit this vulnerability, however Guest access is sufficient.The specific flaw exists within the authentication of users who use their iCloud account and password to log in to OS X. Any user is able to change the password of these users without knowing the previous password. This allows an attacker to run arbitrary commands as that user. If the target user is an Admin, the attacker can run arbitrary commands as root. Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code with system privileges, gain admin privileges, bypass security restrictions, cause denial-of-service conditions, obtain sensitive information, and perform other attacks. Note: The issue described by CVE-2015-3778 has been removed. These issues affect OS X prior to 10.10.5. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Apple ID OD is one of the username plugins required to use various Apple services. An attacker could exploit this vulnerability with the help of a specially crafted application to change any user's password

Trust: 2.61

sources: NVD: CVE-2015-3799 // JVNDB: JVNDB-2015-004286 // ZDI: ZDI-15-390 // BID: 76340 // VULHUB: VHN-81760

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.10.4

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.10 to 10.10.4

Trust: 0.8

vendor:applemodel:os xscope: - version: -

Trust: 0.7

vendor:applemodel:mac os xscope:eqversion:10.10.4

Trust: 0.6

vendor:applemodel:quicktimescope:eqversion:7.6

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.3.4

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7.2

Trust: 0.3

vendor:applemodel:quicktimescope:eqversion:7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.4

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.3

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.2

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:tvscope:eqversion:4.0

Trust: 0.3

sources: ZDI: ZDI-15-390 // BID: 76340 // JVNDB: JVNDB-2015-004286 // CNNVD: CNNVD-201508-256 // NVD: CVE-2015-3799

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3799
value: HIGH

Trust: 1.0

NVD: CVE-2015-3799
value: HIGH

Trust: 0.8

ZDI: CVE-2015-3799
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201508-256
value: CRITICAL

Trust: 0.6

VULHUB: VHN-81760
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-3799
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

ZDI: CVE-2015-3799
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-81760
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZDI: ZDI-15-390 // VULHUB: VHN-81760 // JVNDB: JVNDB-2015-004286 // CNNVD: CNNVD-201508-256 // NVD: CVE-2015-3799

PROBLEMTYPE DATA

problemtype:CWE-255

Trust: 1.9

sources: VULHUB: VHN-81760 // JVNDB: JVNDB-2015-004286 // NVD: CVE-2015-3799

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-256

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201508-256

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-004286

PATCH
title:Apple security updatesurl:https://support.apple.com/en-us/HT201222
Trust: 0.8
title:APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006url:http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
Trust: 0.8
title:HT205031url:http://support.apple.com/en-us/HT205031
Trust: 0.8
title:HT205031url:http://support.apple.com/ja-jp/HT205031
Trust: 0.8
title:Apple has issued an update to correct this vulnerability.url:http://support.apple.com/kb/HT201222
Trust: 0.7
title:osxupd10.10.5url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57197
Trust: 0.6
title:iPhone7,1_8.4.1_12H321_Restoreurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57198
Trust: 0.6
sources:
            
            
            ZDI: ZDI-15-390 // 
            
            
            
            JVNDB: JVNDB-2015-004286 // 
            
            
            
            CNNVD: CNNVD-201508-256

EXTERNAL IDS
db:NVDid:CVE-2015-3799
Trust: 3.5
db:ZDIid:ZDI-15-390
Trust: 2.1
db:BIDid:76340
Trust: 2.0
db:SECTRACKid:1033276
Trust: 1.1
db:JVNid:JVNVU94440136
Trust: 0.8
db:JVNDBid:JVNDB-2015-004286
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-2996
Trust: 0.7
db:CNNVDid:CNNVD-201508-256
Trust: 0.7
db:VULHUBid:VHN-81760
Trust: 0.1
sources:
            
            
            ZDI: ZDI-15-390 // 
            
            
            
            VULHUB: VHN-81760 // 
            
            
            
            BID: 76340 // 
            
            
            
            JVNDB: JVNDB-2015-004286 // 
            
            
            
            CNNVD: CNNVD-201508-256 // 
            
            
            
            NVD: CVE-2015-3799

REFERENCES
url:http://lists.apple.com/archives/security-announce/2015/aug/msg00001.html
Trust: 1.7
url:http://www.securityfocus.com/bid/76340
Trust: 1.7
url:https://support.apple.com/kb/ht205031
Trust: 1.7
url:http://www.zerodayinitiative.com/advisories/zdi-15-390
Trust: 1.1
url:http://www.securitytracker.com/id/1033276
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3799
Trust: 0.8
url:http://jvn.jp/vu/jvnvu94440136/index.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3799
Trust: 0.8
url:http://support.apple.com/kb/ht201222
Trust: 0.7
url:http://www.apple.com/macosx/
Trust: 0.3
url:http://www.zerodayinitiative.com/advisories/zdi-15-390/
Trust: 0.3
url:http://prod.lists.apple.com/archives/security-announce/2015/aug/msg00004.html
Trust: 0.3
url:https://support.apple.com/en-ie/ht205031
Trust: 0.3
sources:
            
            
            ZDI: ZDI-15-390 // 
            
            
            
            VULHUB: VHN-81760 // 
            
            
            
            BID: 76340 // 
            
            
            
            JVNDB: JVNDB-2015-004286 // 
            
            
            
            CNNVD: CNNVD-201508-256 // 
            
            
            
            NVD: CVE-2015-3799

CREDITS
Anonymous
Trust: 0.7
sources:
            
            
            ZDI: ZDI-15-390

SOURCES
db:ZDIid:ZDI-15-390
db:VULHUBid:VHN-81760
db:BIDid:76340
db:JVNDBid:JVNDB-2015-004286
db:CNNVDid:CNNVD-201508-256
db:NVDid:CVE-2015-3799

LAST UPDATE DATE
2025-04-13T22:26:03.929000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-15-390date:2015-08-13T00:00:00
db:VULHUBid:VHN-81760date:2017-09-21T00:00:00
db:BIDid:76340date:2016-07-05T21:35:00
db:JVNDBid:JVNDB-2015-004286date:2015-08-21T00:00:00
db:CNNVDid:CNNVD-201508-256date:2015-08-21T00:00:00
db:NVDid:CVE-2015-3799date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZDIid:ZDI-15-390date:2015-08-13T00:00:00
db:VULHUBid:VHN-81760date:2015-08-17T00:00:00
db:BIDid:76340date:2015-08-13T00:00:00
db:JVNDBid:JVNDB-2015-004286date:2015-08-21T00:00:00
db:CNNVDid:CNNVD-201508-256date:2015-08-18T00:00:00
db:NVDid:CVE-2015-3799date:2015-08-17T00:00:14.393