Lucene search
SnowCVE-2023-2679HistoryMay 17, 2023 - 1:15 p.m.
CVE-2023-2679
2023-05-1713:15:09
CWE-269
Snow
web.nvd.nist.gov
16
cve-2023-2679
data leakage
adobe connector
snow software
spe
windows
nvd
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
17.6%
Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data.
Affected configurations
Node
snowsoftwaresnow_license_managerRange9.27–9.30service_provider
microsoftwindowsMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| snowsoftware | snow_license_manager | * | cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:service_provider:*:*:* |
| microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"Adobe Connector"
],
"platforms": [
"Windows"
],
"product": "SPE SLM",
"vendor": "Snow Software",
"versions": [
{
"lessThan": "9.30.0",
"status": "affected",
"version": "9.27.0",
"versionType": "0"
}
]
}
]Related
cvelist
cvelist
CVE-2023-2679 Data leakage in Adobe connector for SPE edition of SLM
2023-05-17 12:55:58
prion
prion
Code injection
2023-05-17 13:15:00
nvd
nvd
CVE-2023-2679
2023-05-17 13:15:09
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.5
Confidence
High
EPSS
0.001
Percentile
17.6%
Related for CVE-2023-2679