Lucene search

IntelCVELIST:CVE-2023-22448

HistoryNov 14, 2023 - 7:04 p.m.

CVE-2023-22448

2023-11-1419:04:29

CWE-284

intel

www.cve.org

intel unison

access control

privilege escalation

network access

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

19.5%

JSON

Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel Unison software",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00963.html

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

19.5%

JSON

Related for CVELIST:CVE-2023-22448