Lucene search

[email protected]NVD:CVE-2023-2679

HistoryMay 17, 2023 - 1:15 p.m.

CVE-2023-2679

2023-05-1713:15:09

CWE-269

[email protected]

web.nvd.nist.gov

snow software spe

data leakage

adobe connector

windows

privileged user

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

17.6%

JSON

Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data.

Affected configurations

Nvd

Node

snowsoftwaresnow_license_managerRange9.27–9.30service_provider

AND

microsoftwindowsMatch-

VendorProductVersionCPE
snowsoftwaresnow_license_manager*cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:service_provider:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
snowsoftware	snow_license_manager	*	cpe:2.3:a:snowsoftware:snow_license_manager:::::service_provider:::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

community.snowsoftware.com/s/feed/0D56M00009Ex9dySAB

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

17.6%

JSON

Related for NVD:CVE-2023-2679

cvelist1 cve1 prion1