Lucene search

LenovoCVELIST:CVE-2022-3702

HistoryOct 27, 2023 - 7:42 p.m.

CVE-2022-3702

2023-10-2719:42:34

CWE-367

lenovo

www.cve.org

lenovo

vantage

hardwarescan

dos

vulnerability

local attacker

arbitrary directory

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

EPSS

Percentile

5.1%

JSON

A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3.0.5 and earlier that could allow a local attacker to delete contents of an arbitrary directory under certain conditions.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Vantage HardwareScan Plugin",
    "vendor": "Lenovo",
    "versions": [
      {
        "lessThan": "1.3.1.2",
        "status": "affected",
        "version": " ",
        "versionType": "custom"
      }
    ]
  }
]

References

support.lenovo.com/us/en/product_security/LEN-94532

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-3702