Lucene search

[email protected]NVD:CVE-2023-26099

HistoryApr 24, 2023 - 6:15 p.m.

CVE-2023-26099

2023-04-2418:15:09

[email protected]

web.nvd.nist.gov

telindus apsal

insecure permission

consultation

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

9.0%

JSON

An issue was discovered in Telindus Apsal 3.14.2022.235 b. The consultation permission is insecure.

Affected configurations

Nvd

Node

telindusapsalMatch3.14.2022.235_b

VendorProductVersionCPE
telindusapsal3.14.2022.235_bcpe:2.3:a:telindus:apsal:3.14.2022.235_b:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
telindus	apsal	3.14.2022.235_b	cpe:2.3:a:telindus:apsal:3.14.2022.235_b:::::::*

References

excellium-services.com/cert-xlm-advisory/CVE-2023-26099

www.telindus.lu/fr/produits/apsal

CVSS3

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-26099

cvelist1 cve1 prion1