Lucene search

[email protected]NVD:CVE-2023-44217

HistoryOct 03, 2023 - 8:15 a.m.

CVE-2023-44217

2023-10-0308:15:36

CWE-269

[email protected]

web.nvd.nist.gov

sonicwall

net extender

windows

privilege escalation

vulnerability

msi client

system privileges

repair functionality

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.

Affected configurations

NVD

Node

sonicwallnetextenderRange≤10.2.336windows

References

github.com/advisories/GHSA-jw5c-8746-98g5

psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0013

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-44217

prion1 cve1 cvelist1