Lucene search
HistoryNov 28, 2023 - 9:15 p.m.
CVE-2023-29066
cve-2023-29066
os account
data access
local folders
CVSS3
3.5
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0
Percentile
12.7%
The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders.
Affected configurations
Node
bdfacschorusMatch5.0
ORbdfacschorusMatch5.1
hphp_z2_tower_g9Match-
Node
bdfacschorusMatch3.0
ORbdfacschorusMatch3.1
hphp_z2_tower_g5Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bd | facschorus | 5.0 | cpe:2.3:a:bd:facschorus:5.0:*:*:*:*:*:*:* |
| bd | facschorus | 5.1 | cpe:2.3:a:bd:facschorus:5.1:*:*:*:*:*:*:* |
| hp | hp_z2_tower_g9 | - | cpe:2.3:h:hp:hp_z2_tower_g9:-:*:*:*:*:*:*:* |
| bd | facschorus | 3.0 | cpe:2.3:a:bd:facschorus:3.0:*:*:*:*:*:*:* |
| bd | facschorus | 3.1 | cpe:2.3:a:bd:facschorus:3.1:*:*:*:*:*:*:* |
| hp | hp_z2_tower_g5 | - | cpe:2.3:h:hp:hp_z2_tower_g5:-:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2023-11-28 21:15:00
cvelist
cvelist
CVE-2023-29066 Incorrect User Management
2023-11-28 20:36:13
cve
cve
CVE-2023-29066
2023-11-28 21:15:08
ics
ics
BD FACSChorus
2023-11-28 12:00:00
CVSS3
3.5
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
EPSS
0
Percentile
12.7%
Related for NVD:CVE-2023-29066