Lucene search

[email protected]NVD:CVE-2023-31437

HistoryJun 13, 2023 - 5:15 p.m.

CVE-2023-31437

2023-06-1317:15:14

CWE-354

[email protected]

web.nvd.nist.gov

systemd

log file

modification

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

38.4%

JSON

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent “a reply denying that any of the finding was a security vulnerability.”

Affected configurations

Nvd

Node

systemd_projectsystemdMatch253-

References

github.com/kastel-security/Journald

github.com/kastel-security/Journald/blob/main/journald-publication.pdf

github.com/systemd/systemd/releases

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

38.4%

JSON

Related for NVD:CVE-2023-31437

prion1 cvelist1 ubuntucve1 debiancve1 cve1