Lucene search

[email protected]NVD:CVE-2023-28142

HistoryApr 18, 2023 - 4:15 p.m.

CVE-2023-28142

2023-04-1816:15:09

CWE-362

[email protected]

web.nvd.nist.gov

race condition

qualys cloud agent

windows

privilege escalation

uninstallation

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

A Race Condition exists in the Qualys Cloud Agent for Windows
platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to
escalate privileges limited on the local machine during uninstallation of the
Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on
that asset to run arbitrary commands.

At the time of this disclosure, versions before 4.0 are classified as End
of Life.

Affected configurations

Nvd

Node

qualyscloud_agentRange3.1.3.34–4.5.3.1windows

VendorProductVersionCPE
qualyscloud_agent*cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
qualys	cloud_agent	*	cpe:2.3:a:qualys:cloud_agent::::::windows::*

References

www.qualys.com/security-advisories/

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-28142

prion1 cve1 cvelist1 qualysblog1