admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-61xx/CVE-2019-6165.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

165 lines
4.8 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-6165",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2019-08-19T15:15:11.577",
"lastModified": "2023-02-02T16:12:47.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A DLL search path vulnerability was reported in PaperDisplay Hotkey Service version 1.2.0.8 that could allow privilege escalation. Lenovo has ended support for PaperDisplay Hotkey software as the Night light feature introduced in Windows 10 Build 1703 provides similar features."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la ruta (path) de b\u00fasqueda de DLL fue reportada en PaperDisplay Hotkey Service versi\u00f3n 1.2.0.8, que podr\u00eda permitir una escalada de privilegios. Lenovo ha puesto fin a la compatibilidad con el programa PaperDisplay Hotkey, ya que la funcionalidad de luz nocturna que fue introducida en Windows 10 Build 1703 ofrece funcionalidades similares."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-426"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_700-11isk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5787D70A-D365-44C7-9D70-ED27B6079106"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_700-11isk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B285B7A-0614-4618-B615-B3535CBF2FBC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_700-14isk_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D1470F-1F1C-455D-B755-02132AA8F706"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_700-14isk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C2C536-A321-4F5D-BCC6-BBD6C2D457A4"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/solutions/LEN-27569",
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink