Improper Authentication in Profile Manager Allows Enumeration of Managed Devices

Improper Authentication in Profile Manager Allows Enumeration of Managed Devices

CVE-2012-3721 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Profile Manager in Apple Mac OS X before 10.7.5 does not properly perform authentication for the Device Management private interface, which allows attackers to enumerate managed devices via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.