CCE-95232-5| Platform: cpe:/o:apple:mac_os_11, cpe:/o:apple:mac_os_x:10.15 | Date: (C)2020-12-08 (M)2023-07-04 |
"Enable Application Firewall
The Application Firewall is the built in firewall that comes with Mac OS X and must be enabled. Firewalls protect computers from network attacks by blocking or limiting access to open network ports. Application firewalls limit which applications are allowed to communicate over the network."
Parameter:
[yes/no]
Technical Mechanism:
Fix:To enable the firewall run the following command:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 9.9 | Attack Vector: NETWORK |
| Exploit Score: 3.1 | Attack Complexity: LOW |
| Impact Score: 6.0 | Privileges Required: LOW |
| Severity: CRITICAL | User Interaction: NONE |
| Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | Scope: CHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:71700 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:67510 |
