Lucene search

K
osvGoogleOSV:CVE-2023-39810
HistoryAug 28, 2023 - 7:15 p.m.

CVE-2023-39810

2023-08-2819:15:07
Google
osv.dev
4
directory traversal
busybox
software vulnerability
cve-2023-39810
cpio command

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%