mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
106 lines
3.3 KiB
JSON
106 lines
3.3 KiB
JSON
{
|
|
"id": "CVE-2023-47172",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-11-20T21:15:08.293",
|
|
"lastModified": "2024-11-21T08:29:54.030",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Ciertos productos WithSecure permiten la escalada de privilegios locales. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15 y WithSecure Elements Endpoint Protection 17 y posteriores."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:withsecure:client_security:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15",
|
|
"matchCriteriaId": "6C3FF325-62E4-45DF-AA2C-E2B3CCDF080F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:withsecure:elements_endpoint_protection:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "17",
|
|
"matchCriteriaId": "B92950AC-F16B-4935-93D8-39E6DC6B0B5A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:withsecure:email_and_server_security:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15",
|
|
"matchCriteriaId": "FDC69E2C-7B7A-4203-949D-25F4343082C7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:withsecure:server_security:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "15",
|
|
"matchCriteriaId": "73BCD074-70B5-4905-A20F-A60966EB2912"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://www.withsecure.com/en/support/security-advisories/cve-2023-47172",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://www.withsecure.com/en/support/security-advisories/cve-2023-47172",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |