8.3 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
0.025 Low
EPSS
Percentile
90.2%
Software: shim-signed 15
OS: rosa-server79
package_evr_string: shim-signed-15-8.0.1.res7
CVE-ID: CVE-2023-40547
BDU-ID: 2024-00725
CVE-Crit: HIGH
CVE-DESC.: A vulnerability exists in the UEFI shim bootloader due to failure to take measures to neutralize special elements. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending a specially crafted HTTP request.
CVE-STATUS: Fixed
CVE-REV: To close, run yum update shim-signed command