Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-3699
HistoryAug 22, 2023 - 7:16 p.m.

CVE-2023-3699

2023-08-2219:16:39
CWE-269
[email protected]
web.nvd.nist.gov
asustor
data master
privilege management

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.

Affected configurations

NVD
Node
asustordata_masterRange4.0.6.ris14.2.3.rk91

Related

cnvd 1
cve 1
prion 1
cvelist 1
openvas 1
cnvd
cnvd
ASUSTOR Data Master Authorization Issues Vulnerability
2023-08-30 00:00:00
cve
cve
CVE-2023-3699
2023-08-22 19:16:39
prion
prion
Privilege escalation
2023-08-22 19:16:00
cvelist
cvelist
CVE-2023-3699 An Improper Privilege Management vulnerability was found on the ADM
2023-08-22 08:57:21
openvas
openvas
ASUSTOR ADM Multiple Vulnerabilities (AS-2023-009, AS-2023-010, AS-2023-011, AS-2023-012)
2023-08-21 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

8.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for NVD:CVE-2023-3699
cnvd1cve1prion1cvelist1openvas1