Lucene search

DellCVE-2023-43081

HistoryNov 22, 2023 - 1:15 p.m.

CVE-2023-43081

2023-11-2213:15:08

CWE-276

dell

web.nvd.nist.gov

powerprotect

agent

file system

version 19.14

security

vulnerability

ddfscon

exploit

log files

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

4.1

Confidence

High

EPSS

Percentile

5.1%

JSON

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.

Affected configurations

Nvd

Vulners

Node

dellpowerprotect_agent_for_file_systemRange≤19.14

VendorProductVersionCPE
dellpowerprotect_agent_for_file_system*cpe:2.3:a:dell:powerprotect_agent_for_file_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	powerprotect_agent_for_file_system	*	cpe:2.3:a:dell:powerprotect_agent_for_file_system::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "PowerProtect Agent for File System",
    "vendor": "Dell",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to 19.14"
      }
    ]
  }
]

References

www.dell.com/support/kbdoc/en-us/000219782/dsa-2023-427-security-update-for-dell-powerprotect-agent-for-file-system-vulnerabilities

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

4.1

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-43081