Lucene search

K
cveIntelCVE-2023-31271
HistoryFeb 14, 2024 - 2:15 p.m.

CVE-2023-31271

2024-02-1414:15:50
CWE-284
intel
web.nvd.nist.gov
13
cve-2023-31271
intel
vroc software
access control
privilege escalation
nvd

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.0%

Improper access control in some Intel® VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected configurations

Vulners
Vulnrichment
Node
intelvroc_softwareRange<8.0.8.1001
VendorProductVersionCPE
intelvroc_software*cpe:2.3:a:intel:vroc_software:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) VROC software",
    "versions": [
      {
        "version": "before version 8.0.8.1001",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

0

Percentile

9.0%