Lucene search

K
cvelistIntelCVELIST:CVE-2023-25775
HistoryAug 11, 2023 - 2:36 a.m.

CVE-2023-25775

2023-08-1102:36:57
CWE-284
intel
www.cve.org
2
improper access control
ethernet controller
rdma driver
privilege escalation
network access

CVSS3

5.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

10

Confidence

High

EPSS

0.001

Percentile

35.9%

Improper access control in the Intelยฎ Ethernet Controller RDMA driver for linux before version 1.9.30 may allow an unauthenticated user to potentially enable escalation of privilege via network access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Ethernet Controller RDMA driver for linux",
    "versions": [
      {
        "version": "before version 1.9.30",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

CVSS3

5.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

10

Confidence

High

EPSS

0.001

Percentile

35.9%