Lucene search
HistoryJun 22, 2023 - 2:15 a.m.
CVE-2023-28956
ibm
spectrum protect
backup-archive client
local user
privilege escalation
access controls
security vulnerability
cve-2023-28956
nvd
ibm x-force id 251767
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls. IBM X-Force ID: 251767.
Affected configurations
Node
ibmspectrum_protect_backup-archive_clientRange8.1.0.0–8.1.17.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | spectrum_protect_backup\-archive_client | * | cpe:2.3:a:ibm:spectrum_protect_backup\-archive_client:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Spectrum Protect Backup-Archive Client",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "8.1.17.2",
"status": "affected",
"version": "8.1.0.0",
"versionType": "semver"
}
]
}
]Related
nvd
nvd
CVE-2023-28956
2023-06-22 02:15:48
ibm
ibm
prion
prion
Improper access control
2023-06-22 02:15:00
cnvd
cnvd
cvelist
cvelist
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2023-28956