Vulnerability in Apple Mac_os_x_server

CVE-2015-7031

The Web Service component in Apple OS X Server before 5.0.15 omits an unspecified HTTP header configuration, which allows remote attackers to bypass intended access restrictions via unknown vectors.

EPSS: 0.003 (49.4th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x_server
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

APPLE-SA-2015-10-21-8 (vendor-advisory, x_refsource_APPLE, Vendor Advisory)
product-security@apple.com (x_refsource_CONFIRM, Vendor Advisory)
1033933 (vdb-entry, x_refsource_SECTRACK)