Lucene search

[email protected]NVD:CVE-2023-3698

HistoryAug 17, 2023 - 10:15 a.m.

CVE-2023-3698

2023-08-1710:15:10

CWE-22

[email protected]

web.nvd.nist.gov

printer service

vulnerability

adm software

unauthorized access

directory traversal

file deletion

cve-2023-3698.

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

8.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.

Affected configurations

NVD

Node

asustordata_masterRange4.0.0.rib4–4.0.6.ris1

asustordata_masterRange4.1.0.rhu2–4.2.3.rk91

References

www.asustor.com/security/security_advisory_detail?id=28

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

8.4 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

Related for NVD:CVE-2023-3698

prion1 cve1 cvelist1 cnvd1 openvas1