Lucene search

[email protected]NVD:CVE-2022-48227

HistoryApr 04, 2023 - 4:15 p.m.

CVE-2022-48227

2023-04-0416:15:07

CWE-269

[email protected]

web.nvd.nist.gov

acuant asureid sentinel

elevation of privileges

notepad

installation

core-7361

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

Percentile

9.0%

JSON

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361.

Affected configurations

Nvd

Node

gbgplcacuant_asureid_sentinelRange<5.2.149

VendorProductVersionCPE
gbgplcacuant_asureid_sentinel*cpe:2.3:a:gbgplc:acuant_asureid_sentinel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gbgplc	acuant_asureid_sentinel	*	cpe:2.3:a:gbgplc:acuant_asureid_sentinel::::::::

References

acuant.com

hackandpwn.com/disclosures/CVE-2022-48227.pdf

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2022-48227

prion1 cve1 cvelist1