Lucene search

[email protected]NVD:CVE-2023-28141

HistoryApr 18, 2023 - 4:15 p.m.

CVE-2023-28141

2023-04-1816:15:09

CWE-59

[email protected]

web.nvd.nist.gov

ntfs junction

local attack

qualys cloud agent

end of life

cve-2023-28141

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS

Percentile

9.0%

JSON

An NTFS Junction condition exists in the Qualys Cloud Agent
for Windows platform in versions before 4.8.0.31. Attackers may write files to
arbitrary locations via a local attack vector. This allows attackers to assume
the privileges of the process, and they may delete or otherwise on unauthorized
files, allowing for the potential modification or deletion of sensitive files
limited only to that specific directory/file object. This vulnerability is
bounded to the time of installation/uninstallation and can only be exploited locally.

At the time of this disclosure, versions before 4.0 are
classified as End of Life.

Affected configurations

Nvd

Node

qualyscloud_agentRange3.1.3.34–4.8.0.31windows

VendorProductVersionCPE
qualyscloud_agent*cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
qualys	cloud_agent	*	cpe:2.3:a:qualys:cloud_agent::::::windows::*

References

www.qualys.com/security-advisories/

CVSS3

6.3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2023-28141

prion1 cvelist1 cve1 qualysblog1