Lucene search

22d9ba52-f336-4b0d-bf1f-0efbdcc3c1deNVD:CVE-2023-5058

HistoryDec 07, 2023 - 11:15 p.m.

CVE-2023-5058

2023-12-0723:15:07

CWE-20

22d9ba52-f336-4b0d-bf1f-0efbdcc3c1de

web.nvd.nist.gov

cve-2023-5058

input validation

splash screen

system boot

phoenix securecore

denial of service

arbitrary code execution

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.9%

JSON

Improper Input Validation in the processing of user-supplied splash screen during system boot in Phoenix SecureCore™ Technology™ 4 potentially allows denial-of-service attacks or arbitrary code execution.

Affected configurations

NVD

Node

phoenixsecurecore_technologyMatch4.0

References

www.kb.cert.org/vuls/id/811862

www.phoenix.com/security-notifications/

www.phoenix.com/security-notifications/cve-2023-5058/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.9%

JSON

Related for NVD:CVE-2023-5058