nvd-json-data-feeds/CVE-2022/CVE-2022-276xx/CVE-2022-27677.json

{
  "id": "CVE-2022-27677",
  "sourceIdentifier": "psirt@amd.com",
  "published": "2023-03-01T08:15:10.407",
  "lastModified": "2023-03-09T14:35:31.370",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Failure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:amd:ryzen_master:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "2.10.1.2287",
              "matchCriteriaId": "765AC34D-482D-457C-9369-6D4BF397C2F9"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052",
      "source": "psirt@amd.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-27677",`
			`"sourceIdentifier": "psirt@amd.com",`
			`"published": "2023-03-01T08:15:10.407",`
			`"lastModified": "2023-03-09T14:35:31.370",`
			`"vulnStatus": "Analyzed",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Failure to validate privileges during installation of AMD Ryzen\u2122 Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "LOCAL",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "LOW",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 1.8,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-269"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:amd:ryzen_master::::::::",`
			`"versionEndExcluding": "2.10.1.2287",`
			`"matchCriteriaId": "765AC34D-482D-457C-9369-6D4BF397C2F9"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1052",`
			`"source": "psirt@amd.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`