CCE-50252-6| Platform: cpe:/o:apple:mac_os_14 | Date: (C)2023-11-28 (M)2023-11-28 |
DVD or CD sharing allows other users to remotely access the systems optical drive. Disabling this feature will minimize the risk of an attacker accessing the optical drive and using it as a vector to expose sensitive data.
Fix
/bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.ODSAgent.plist
Parameter:
[yes/no]
Technical Mechanism:
/bin/launchctl unload -w /System/Library/LaunchDaemons/com.apple.ODSAgent.plist
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.8 | Attack Vector: NETWORK |
| Exploit Score: 2.8 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:94817 |
