Lucene search

K
cve[email protected]CVE-2023-22448
HistoryNov 14, 2023 - 7:15 p.m.

CVE-2023-22448

2023-11-1419:15:17
CWE-284
web.nvd.nist.gov
13
cve-2023-22448
intel unison
access control
privilege escalation
network access
nvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

19.4%

Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access.

Affected configurations

NVD
Node
intelunison_softwareRange<20.14.5683.0
AND
microsoftwindowsMatch-
Node
intelunison_softwareRange<20.14.4244
AND
googleandroidMatch-
Node
intelunison_softwareRange<20.14.2.3053
AND
appleiphone_osMatch-

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel Unison software",
    "versions": [
      {
        "version": "See references",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

19.4%

Related for CVE-2023-22448