Lucene search

Veracode Vulnerability DatabaseVERACODE:40351

HistoryApr 30, 2023 - 8:16 p.m.

Information Disclosure

2023-04-3020:16:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

2.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:M/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

virtualbox is vulnerable to Information Disclosure. A high priviledged attacker with logon capabilities to the infrastructure,can comprimize virtualbox leading to information disclosure.

CPENameOperatorVersion
virtualbox:sideq6.1.16-dfsg-4+b1
virtualbox:sideq6.1.16-dfsg-4+b1

CPE	Name	Operator	Version
	virtualbox:sid	eq	6.1.16-dfsg-4+b1
	virtualbox:sid	eq	6.1.16-dfsg-4+b1

References

security-tracker.debian.org/tracker/CVE-2023-22001

www.oracle.com/security-alerts/cpuapr2023.html

4.6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

2.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:M/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for VERACODE:40351