Lucene search

IntelCVELIST:CVE-2023-25757

HistoryAug 11, 2023 - 2:37 a.m.

CVE-2023-25757

2023-08-1102:37:21

CWE-284

intel

www.cve.org

intel unison

access control

privilege escalation

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

19.9%

JSON

Improper access control in some Intel® Unison™ software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Unison(TM) software",
    "versions": [
      {
        "version": "before version 10.12",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

19.9%

JSON

Related for CVELIST:CVE-2023-25757