CVE-2019-8522: Medium severity macos mojave vulnerability

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8522.

Q: What is the severity of CVE-2019-8522?

The severity of CVE-2019-8522 is medium, with a severity value of 5.5.

Q: What is the affected software for CVE-2019-8522?

The affected software for CVE-2019-8522 is Apple Mac OS X, Apple macOS Mojave (up to version 10.14.4), Apple High Sierra, and Apple Sierra.

Q: How does CVE-2019-8522 impact the system?

CVE-2019-8522 allows an encrypted volume to be unmounted and remounted by a different user without prompting for the password.

Q: How can CVE-2019-8522 be fixed?

CVE-2019-8522 can be fixed by updating the system to macOS Mojave 10.14.4 or later.

Published Mar 25, 2019

Updated

A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4. An encrypted volume may be unmounted and remounted by a different user without prompting for the password.

Other sources

DiskArbitration. A logic issue was addressed with improved state management.

Credit

Colin Meginnis@@falc420

Affected Software

4 affected componentsFixes available

Apple macOS Mojave<10.14.4

10.14.4

Apple High Sierra

Apple Sierra

Apple iOS and macOS<10.14.4

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT209600

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8522.

What is the severity of CVE-2019-8522?

The severity of CVE-2019-8522 is medium, with a severity value of 5.5.

What is the affected software for CVE-2019-8522?

The affected software for CVE-2019-8522 is Apple Mac OS X, Apple macOS Mojave (up to version 10.14.4), Apple High Sierra, and Apple Sierra.

How does CVE-2019-8522 impact the system?