CVE-2023-22663

2023-11-1419:15:17

CWE-287

[email protected]

web.nvd.nist.gov

cve-2023-22663

improper authentication

intel unison software

escalation of privilege

network access

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.3%

JSON

Improper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.

Affected configurations

Nvd

Node

intelunison_softwareRange<20.14.5683.0

AND

microsoftwindowsMatch-

Node

intelunison_softwareRange<20.14.4244

AND

googleandroidMatch-

Node

intelunison_softwareRange<20.14.2.3053

AND

appleiphone_osMatch-

VendorProductVersionCPE
intelunison_software*cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
appleiphone_os-cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
intel	unison_software	*	cpe:2.3:a:intel:unison_software::::::::
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
apple	iphone_os	-	cpe:2.3:o:apple:iphone_os:-:::::::*