CVE-2017-13871: High severity macos high sierra vulnerability
Mail. An inconsistent user interface issue was addressed with improved state management.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Mail" component. It allows remote attackers to read cleartext e-mail content (for which S/MIME encryption was intended) by leveraging the lack of installation of an S/MIME certificate by the recipient.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-13887
- CVE-2017-9798
- CVE-2017-13905
- CVE-2017-7172
- CVE-2017-13892
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-1000254
- CVE-2017-13872
- CVE-2017-15422
- CVE-2017-13883
- CVE-2017-7163
- CVE-2017-7155
- CVE-2017-13878
- CVE-2017-13875
- CVE-2017-7159
- CVE-2017-13848
- CVE-2017-13858
- CVE-2017-13847
- CVE-2017-7162
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-7173
- CVE-2017-13876
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13871
- CVE-2017-13860
- CVE-2017-3735
- CVE-2017-12837
- CVE-2017-7158
- CVE-2017-13911
- CVE-2017-13886
Frequently Asked Questions
What is CVE-2017-13871?
CVE-2017-13871 is a vulnerability that affects certain Apple products running macOS before version 10.13.2. It allows remote attackers to read cleartext e-mail content that was intended to be encrypted with S/MIME.
What is the severity of CVE-2017-13871?
CVE-2017-13871 has a severity rating of 7.5 out of 10, which is considered high.
Which versions of macOS are affected by CVE-2017-13871?
macOS versions before 10.13.2 are affected by CVE-2017-13871.
How can I fix CVE-2017-13871?
To fix CVE-2017-13871, update your macOS to version 10.13.2 or later.
Where can I find more information about CVE-2017-13871?
You can find more information about CVE-2017-13871 on the Apple Security Updates page and the SecurityFocus and SecurityTracker websites.