Lucene search

MitreCVE-2023-26238

HistoryOct 05, 2023 - 1:15 a.m.

CVE-2023-26238

2023-10-0501:15:10

mitre

web.nvd.nist.gov

watchguard

epdr

8.0.21.0002

cve-2023-26238

security vulnerability

nvd

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.4

Confidence

High

EPSS

Percentile

9.0%

JSON

An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.

Affected configurations

Nvd

Node

watchguardepp_firmwareRange<8.00.22.0010

AND

watchguardeppMatch-

Node

watchguardedr_firmwareRange<8.00.22.0010

AND

watchguardedrMatch-

Node

watchguardepdr_firmwareRange<8.00.22.0010

AND

watchguardepdrMatch-

Node

watchguardpanda_ad360_firmwareRange<8.00.22.0010

AND

watchguardpanda_ad360Match-

VendorProductVersionCPE
watchguardepp_firmware*cpe:2.3:o:watchguard:epp_firmware:*:*:*:*:*:*:*:*
watchguardepp-cpe:2.3:h:watchguard:epp:-:*:*:*:*:*:*:*
watchguardedr_firmware*cpe:2.3:o:watchguard:edr_firmware:*:*:*:*:*:*:*:*
watchguardedr-cpe:2.3:h:watchguard:edr:-:*:*:*:*:*:*:*
watchguardepdr_firmware*cpe:2.3:o:watchguard:epdr_firmware:*:*:*:*:*:*:*:*
watchguardepdr-cpe:2.3:h:watchguard:epdr:-:*:*:*:*:*:*:*
watchguardpanda_ad360_firmware*cpe:2.3:o:watchguard:panda_ad360_firmware:*:*:*:*:*:*:*:*
watchguardpanda_ad360-cpe:2.3:h:watchguard:panda_ad360:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
watchguard	epp_firmware	*	cpe:2.3:o:watchguard:epp_firmware::::::::
watchguard	epp	-	cpe:2.3:h:watchguard:epp:-:::::::*
watchguard	edr_firmware	*	cpe:2.3:o:watchguard:edr_firmware::::::::
watchguard	edr	-	cpe:2.3:h:watchguard:edr:-:::::::*
watchguard	epdr_firmware	*	cpe:2.3:o:watchguard:epdr_firmware::::::::
watchguard	epdr	-	cpe:2.3:h:watchguard:epdr:-:::::::*
watchguard	panda_ad360_firmware	*	cpe:2.3:o:watchguard:panda_ad360_firmware::::::::
watchguard	panda_ad360	-	cpe:2.3:h:watchguard:panda_ad360:-:::::::*

References

www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00006

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.4

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for CVE-2023-26238