Lucene search

QualysCVELIST:CVE-2023-28142

HistoryApr 18, 2023 - 3:51 p.m.

CVE-2023-28142 Race Condition

2023-04-1815:51:58

CWE-362

Qualys

www.cve.org

cve-2023-28142

qualys cloud agent

windows

privilege escalation

uninstallation

system level access

end of life

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

A Race Condition exists in the Qualys Cloud Agent for Windows
platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to
escalate privileges limited on the local machine during uninstallation of the
Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on
that asset to run arbitrary commands.

At the time of this disclosure, versions before 4.0 are classified as End
of Life.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Cloud Agent",
    "vendor": "Qualys",
    "versions": [
      {
        "lessThan": "4.5.3.1",
        "status": "affected",
        "version": " 3.1.3.34",
        "versionType": "custom"
      }
    ]
  }
]

References

www.qualys.com/security-advisories/

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-28142