Lucene search

[email protected]CVE-2023-2417

HistoryApr 29, 2023 - 1:15 a.m.

CVE-2023-2417

2023-04-2901:15:08

CWE-428

[email protected]

web.nvd.nist.gov

cve-2023-2417

vulnerability

ks-soft

advanced host monitor

unquoted search path

local host

upgrade

vdb-227714

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.3%

JSON

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 12.60 is able to address this issue. It is recommended to upgrade the affected component. VDB-227714 is the identifier assigned to this vulnerability.

VendorProductVersionCPE
ks\-softadvanced_host_monitor12.0cpe:2.3:a:ks\-soft:advanced_host_monitor:12.0:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.1cpe:2.3:a:ks\-soft:advanced_host_monitor:12.1:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.2cpe:2.3:a:ks\-soft:advanced_host_monitor:12.2:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.3cpe:2.3:a:ks\-soft:advanced_host_monitor:12.3:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.4cpe:2.3:a:ks\-soft:advanced_host_monitor:12.4:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.5cpe:2.3:a:ks\-soft:advanced_host_monitor:12.5:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.6cpe:2.3:a:ks\-soft:advanced_host_monitor:12.6:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.7cpe:2.3:a:ks\-soft:advanced_host_monitor:12.7:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.8cpe:2.3:a:ks\-soft:advanced_host_monitor:12.8:*:*:*:*:*:*:*
ks\-softadvanced_host_monitor12.9cpe:2.3:a:ks\-soft:advanced_host_monitor:12.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ks\-soft	advanced_host_monitor	12.0	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.0:::::::*
ks\-soft	advanced_host_monitor	12.1	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.1:::::::*
ks\-soft	advanced_host_monitor	12.2	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.2:::::::*
ks\-soft	advanced_host_monitor	12.3	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.3:::::::*
ks\-soft	advanced_host_monitor	12.4	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.4:::::::*
ks\-soft	advanced_host_monitor	12.5	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.5:::::::*
ks\-soft	advanced_host_monitor	12.6	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.6:::::::*
ks\-soft	advanced_host_monitor	12.7	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.7:::::::*
ks\-soft	advanced_host_monitor	12.8	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.8:::::::*
ks\-soft	advanced_host_monitor	12.9	cpe:2.3:a:ks\-soft:advanced_host_monitor:12.9:::::::*

Rows per page:

1-10 of 571

References

packetstormsecurity.com/files/172105/Advanced-Host-Monitor-12.56-Unquoted-Service-Path.html

vuldb.com/?ctiid.227714

vuldb.com/?id.227714

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.3%

JSON

Related for CVE-2023-2417

exploitdb1 packetstorm1 zdt1 prion1 cvelist1