Lucene search

GoogleOSV:CVE-2023-47101

HistoryOct 30, 2023 - 6:15 p.m.

CVE-2023-47101

2023-10-3018:15:10

Google

osv.dev

cve-2023-47101

openvpn-client-installer

securepoint ssl vpn client

local privilege escalation

installation

repair

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair.

CPENameOperatorVersion
openvpn-clienteq2.0.39
openvpn-clienteq2.0.27
openvpn-clienteq2.0.33
openvpn-clienteq2.0.18
openvpn-clienteq1.0.2
openvpn-clienteq2.0.26
openvpn-clienteq2.0.28
openvpn-clienteq2.0.32
openvpn-clienteq2.0.15
openvpn-clienteq2.0.31

Name	Operator	Version
openvpn-client	eq	2.0.39
openvpn-client	eq	2.0.27
openvpn-client	eq	2.0.33
openvpn-client	eq	2.0.18
openvpn-client	eq	1.0.2
openvpn-client	eq	2.0.26
openvpn-client	eq	2.0.28
openvpn-client	eq	2.0.32
openvpn-client	eq	2.0.15
openvpn-client	eq	2.0.31

Rows per page:

1-10 of 271

References

cyvisory.group/advisory/CYADV-2023-012

sourceforge.net/p/securepoint/news/2023/08/2040-is-now-available/

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for OSV:CVE-2023-47101