Lucene search

PRIOn knowledge basePRION:CVE-2023-1164

HistoryMar 03, 2023 - 7:15 a.m.

Authorization

2023-03-0307:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

kylinsoft kylin-activation

kylinos

improper authorization

local access

upgrade

version 1.3.11-23

version 1.30.10-5.p23

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.4%

JSON

A vulnerability was found in KylinSoft kylin-activation on KylinOS and classified as critical. Affected by this issue is some unknown functionality of the component File Import. The manipulation leads to improper authorization. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.11-23 and 1.30.10-5.p23 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222260.

CPENameOperatorVersion
kylin_oseq< 1.3.11-23
kylin_oseq< 1.30.10-5.p23

CPE	Name	Operator	Version
	kylin_os	eq	< 1.3.11-23
	kylin_os	eq	< 1.30.10-5.p23

References

github.com/i900008/vulndb/blob/main/kylin-activation_vuln.md

vuldb.com/?ctiid.222260

vuldb.com/?id.222260