Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistSnowCVELIST:CVE-2023-7169
HistoryFeb 08, 2024 - 12:59 p.m.

CVE-2023-7169 Impersonate vendor signed Powershell scripts

2024-02-0812:59:40
CWE-290
Snow
www.cve.org
1
cve-2023-7169
authentication bypass
spoofing
snow inventory agent
windows
upgrade

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

EPSS

0

Percentile

9.0%

JSON

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Snow Inventory Agent",
    "vendor": "Snow Software",
    "versions": [
      {
        "lessThanOrEqual": "6.14.5",
        "status": "affected",
        "version": "0",
        "versionType": "all version"
      }
    ]
  }
]

Related

prion 1
vulnrichment 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2024-02-08 13:15:00
vulnrichment
vulnrichment
CVE-2023-7169 Impersonate vendor signed Powershell scripts
2024-02-08 12:59:40
cve
cve
CVE-2023-7169
2024-02-08 13:15:08
nvd
nvd
CVE-2023-7169
2024-02-08 13:15:08

CVSS3

6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

EPSS

0

Percentile

9.0%

JSON
Related for CVELIST:CVE-2023-7169
prion1vulnrichment1cve1nvd1