Lucene search

[email protected]CVE-2023-27298

HistoryMay 10, 2023 - 2:15 p.m.

CVE-2023-27298

2023-05-1014:15:32

CWE-428

CWE-427

[email protected]

web.nvd.nist.gov

cve-2023-27298

uncontrolled search path

wult software

intel

privilege escalation

nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.0%

JSON

Uncontrolled search path in the WULT software maintained by Intel® before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.

Affected configurations

Vulners

NVD

Node

intelwake_up_latency_tracerRange<1.0.0

intelwake_up_latency_tracerRange<592300

CPENameOperatorVersion
intel:wake_up_latency_tracerintel wake up latency tracerlt1.0.0

CPE	Name	Operator	Version
intel:wake_up_latency_tracer	intel wake up latency tracer	lt	1.0.0

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "WULT software maintained by Intel(R)",
    "versions": [
      {
        "version": "before version 1.0.0 (commit id 592300b)",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.0%

JSON

Related for CVE-2023-27298

prion1 nvd1 intel1 cvelist1