CVE-2013-5188 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2013-5188

CWE

https://cwe.mitre.org/data/definitions/264.html

The Screen Lock implementation in Apple Mac OS X before 10.9, when hibernation and autologin are enabled, does not require a password for a transition out of hibernation, which allows physically proximate attackers to obtain access by visiting an unattended workstation in the hibernating state.

Affected Software

Name	Vendor	Start Version	End Version
Mac_os_x	Apple	*	10.8.5 (including)
Mac_os_x	Apple	10.8.0 (including)	10.8.0 (including)
Mac_os_x	Apple	10.8.1 (including)	10.8.1 (including)
Mac_os_x	Apple	10.8.2 (including)	10.8.2 (including)
Mac_os_x	Apple	10.8.3 (including)	10.8.3 (including)
Mac_os_x	Apple	10.8.4 (including)	10.8.4 (including)
Mac_os_x	Apple	10.8.5 (including)	10.8.5 (including)

References

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html