7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.0%
Software: tigervnc 1.8.0
OS: rosa-server79
package_evr_string: tigervnc-1.8.0-28.res7
CVE-ID: CVE-2023-5367
BDU-ID: 2023-07145
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the X Window System Xorg-server XIChangeDeviceProperty (Xi/xiproperty.c) and RRChangeOutputProperty (randr/rrrproperty.c) functions is related to the ability to write beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service or escalate their privileges
CVE-STATUS: Fixed
CVE-REV: Run the yum update tigervnc command to close it.
CVE-ID: CVE-2023-5380
BDU-ID: 2023-07412
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the DestroyWindow function of the xorg-x11-server package is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: Run yum update tigervnc to close it
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.0%