Lucene search

TR-CERTCVELIST:CVE-2023-4664

HistorySep 15, 2023 - 8:38 a.m.

CVE-2023-4664 Privilage Escalation in Saphira Connect

2023-09-1508:38:09

CWE-276

TR-CERT

www.cve.org

cve-2023-4664

privilege escalation

saphira connect

incorrect default permissions

vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

JSON

Incorrect Default Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Saphira Connect",
    "vendor": "Saphira",
    "versions": [
      {
        "lessThan": "9",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-23-0535

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

JSON

Related for CVELIST:CVE-2023-4664