Lucene search

IbmCVELIST:CVE-2023-26277

HistoryMay 31, 2023 - 6:57 p.m.

CVE-2023-26277 IBM QRadar WinCollect Agent privilege escalation

2023-05-3118:57:38

ibm

www.cve.org

ibm qradar

wincollect

privilege escalation

cve-2023-26277

x-force id 248156

local user

unnecessary privileges

system commands

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM QRadar WinCollect Agent 10.0 though 10.1.3 could allow a local user to execute commands on the system due to execution with unnecessary privileges. IBM X-Force ID: 248156.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "QRadar WinCollect Agent",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10..3",
        "status": "affected",
        "version": "10.0",
        "versionType": "semver"
      }
    ]
  }
]

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/248156

www.ibm.com/support/pages/node/6999343

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

7.6

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2023-26277