[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-85422-4

Platform: cpe:/o:apple:mac_os_11Date: (C)2022-12-28   (M)2023-07-04



The main use case for Mac computers is as mobile user endpoints. P2P sharing services should not be enabled on laptops that are using untrusted networks. Content Caching can allow a computer to be a server for local nodes on an untrusted network. While there are certainly logical controls that could be used to mitigate risk they add to the management complexity, since the value of the service is in specific use cases organizations with the use case described above can accept risk as necessary. Fix: AssetCacheManagerUtil deactivate


Parameter:

[yes/no]


Technical Mechanism:

AssetCacheManagerUtil deactivate

CCSS Severity:CCSS Metrics:
CCSS Score : 9.9Attack Vector: NETWORK
Exploit Score: 3.1Attack Complexity: LOW
Impact Score: 6.0Privileges Required: LOW
Severity: CRITICALUser Interaction: NONE
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HScope: CHANGED
 Confidentiality: HIGH
 Integrity: HIGH
 Availability: HIGH
  

References:
Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:80361


OVAL    1
oval:org.secpod.oval:def:80361
XCCDF    1
xccdf_org.secpod_benchmark_general_Mac_OS_11

© SecPod Technologies