Lucene search

[email protected]NVD:CVE-2023-43081

HistoryNov 22, 2023 - 1:15 p.m.

CVE-2023-43081

2023-11-2213:15:08

CWE-276

[email protected]

web.nvd.nist.gov

cve-2023-43081

powerprotect agent

incorrect default permissions

ddfscon component

low privileged

local attacker

log files overwriting

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.

Affected configurations

Nvd

Node

dellpowerprotect_agent_for_file_systemRange≤19.14

VendorProductVersionCPE
dellpowerprotect_agent_for_file_system*cpe:2.3:a:dell:powerprotect_agent_for_file_system:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
dell	powerprotect_agent_for_file_system	*	cpe:2.3:a:dell:powerprotect_agent_for_file_system::::::::

References

www.dell.com/support/kbdoc/en-us/000219782/dsa-2023-427-security-update-for-dell-powerprotect-agent-for-file-system-vulnerabilities

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-43081

cvelist1 cve1 prion1