Lucene search
HistorySep 27, 2023 - 3:19 p.m.
CVE-2023-42486
fortect cwe-428 local user privileges
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.
Affected configurations
Node
fortectfortectRange≤5.0.0.7
Related
cve
cve
CVE-2023-42486
2023-09-27 15:19:32
prion
prion
Code injection
2023-09-27 15:19:00
cvelist
cvelist
CVE-2023-42486 Fortect - CWE-428: Unquoted Search Path or Element
2023-09-27 12:13:37
vulnrichment
vulnrichment
CVE-2023-42486 Fortect - CWE-428: Unquoted Search Path or Element
2023-09-27 12:13:37
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-42486