CVE-2023-39411

2023-11-1419:15:30

CWE-20

[email protected]

web.nvd.nist.gov

cve-2023-39411

input validation

intel unison

denial of service

local access

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.0%

JSON

Improper input validationation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access.

Affected configurations

Nvd

Node

intelunison_softwareRange<20.14.5683.0

AND

microsoftwindowsMatch-

Node

intelunison_softwareRange<20.14.4244

AND

googleandroidMatch-

Node

intelunison_softwareRange<20.14.2.3053

AND

appleiphone_osMatch-

VendorProductVersionCPE
intelunison_software*cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	unison_software	*	cpe:2.3:a:intel:unison_software::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*