CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
CVE-2023-23430 (GCVE-0-2023-23430)
Vulnerability from cvelistv5 – Published: 2023-12-29 03:09 – Updated: 2025-04-17 20:23
VLAI
Summary
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
Severity
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Honor | com.hihonor.magichome |
Affected:
7.3.2.306 , < 7.60.10.303
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:28:40.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hihonor.com/global/security/cve-2023-23430/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23430",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-03T16:38:57.474894Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-17T20:23:15.293Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "com.hihonor.magichome\t",
"vendor": "Honor",
"versions": [
{
"lessThan": "7.60.10.303",
"status": "affected",
"version": "7.3.2.306",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.\u003c/span\u003e"
}
],
"value": "\nSome Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T03:09:10.957Z",
"orgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"shortName": "Honor"
},
"references": [
{
"url": "https://www.hihonor.com/global/security/cve-2023-23430/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3836d913-7555-4dd0-a509-f5667fdf5fe4",
"assignerShortName": "Honor",
"cveId": "CVE-2023-23430",
"datePublished": "2023-12-29T03:09:10.957Z",
"dateReserved": "2023-01-12T04:00:30.135Z",
"dateUpdated": "2025-04-17T20:23:15.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23610 (GCVE-0-2023-23610)
Vulnerability from cvelistv5 – Published: 2023-01-25 05:46 – Updated: 2025-03-10 21:20
VLAI
Title
glpi vulnerable to Unauthorized access to data export
Summary
GLPI is a Free Asset and IT Management Software package. Versions prior to 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having access to the standard interface can export data of almost any GLPI item type, even those on which user is not allowed to access (including assets, tickets, users, ...). This issue is patched in 10.0.6.
Severity
6.5 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/glpi-project/glpi/security/adv… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| glpi-project | glpi |
Affected:
>= 0.65, < 9.5.12
Affected: >= 10.0.0, < 10.0.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6565-hm87-24hf",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6565-hm87-24hf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:59:25.547111Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:20:13.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "glpi",
"vendor": "glpi-project",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.65, \u003c 9.5.12"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.0.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GLPI is a Free Asset and IT Management Software package. Versions prior to 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having access to the standard interface can export data of almost any GLPI item type, even those on which user is not allowed to access (including assets, tickets, users, ...). This issue is patched in 10.0.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-25T05:46:35.549Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6565-hm87-24hf",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-6565-hm87-24hf"
}
],
"source": {
"advisory": "GHSA-6565-hm87-24hf",
"discovery": "UNKNOWN"
},
"title": "glpi vulnerable to Unauthorized access to data export"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-23610",
"datePublished": "2023-01-25T05:46:35.549Z",
"dateReserved": "2023-01-16T17:07:46.242Z",
"dateUpdated": "2025-03-10T21:20:13.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23629 (GCVE-0-2023-23629)
Vulnerability from cvelistv5 – Published: 2023-01-28 01:23 – Updated: 2025-03-10 21:17
VLAI
Title
Metabase subject to Improper Privilege Management
Summary
Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a dashboard subscription, add people with fewer data privileges, and all recipients of that subscription receive the same data: the charts shown in the email would abide by the privileges of the user who created the subscription. The issue is users with fewer privileges who can view a dashboard are able to add themselves to a dashboard subscription created by someone with additional data privileges, and thus get access to more data via email. This issue is patched in versions 0.43.7.1, 1.43.7.1, 0.44.6.1, 1.44.6.1, 0.45.2.1, and 1.45.2.1. On Metabase instances running Enterprise Edition, admins can disable the "Subscriptions and Alerts" permission for groups that have restricted data permissions, as a workaround.
Severity
6.3 (Medium)
CWE
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/metabase/metabase/security/adv… | x_refsource_CONFIRM |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-10T20:58:43.915067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-10T21:17:37.583Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "metabase",
"vendor": "metabase",
"versions": [
{
"status": "affected",
"version": "\u003c 0.43.7.1"
},
{
"status": "affected",
"version": "\u003e= 0.44.0-RC1, \u003c 0.44.6.1"
},
{
"status": "affected",
"version": "\u003e= 0.45.0-RC1, \u003c 0.45.2.1"
},
{
"status": "affected",
"version": "\u003e= 1.0.0, \u003c 1.43.7.1"
},
{
"status": "affected",
"version": "\u003e= 1.44.0-RC1, \u003c 1.44.6.1"
},
{
"status": "affected",
"version": "\u003e= 1.45.0-RC1, \u003c 1.45.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Metabase is an open source data analytics platform. Affected versions are subject to Improper Privilege Management. As intended, recipients of dashboards subscriptions can view the data as seen by the creator of that subscription. This allows someone with greater access to data to create a dashboard subscription, add people with fewer data privileges, and all recipients of that subscription receive the same data: the charts shown in the email would abide by the privileges of the user who created the subscription. The issue is users with fewer privileges who can view a dashboard are able to add themselves to a dashboard subscription created by someone with additional data privileges, and thus get access to more data via email. This issue is patched in versions 0.43.7.1, 1.43.7.1, 0.44.6.1, 1.44.6.1, 0.45.2.1, and 1.45.2.1. On Metabase instances running Enterprise Edition, admins can disable the \"Subscriptions and Alerts\" permission for groups that have restricted data permissions, as a workaround.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-28T01:23:33.300Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5"
}
],
"source": {
"advisory": "GHSA-ch8f-hhq9-7gv5",
"discovery": "UNKNOWN"
},
"title": "Metabase subject to Improper Privilege Management"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-23629",
"datePublished": "2023-01-28T01:23:33.300Z",
"dateReserved": "2023-01-16T17:07:46.245Z",
"dateUpdated": "2025-03-10T21:17:37.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23990 (GCVE-0-2023-23990)
Vulnerability from cvelistv5 – Published: 2024-05-17 06:33 – Updated: 2026-04-28 16:08
VLAI
Title
WordPress Redirection for Contact Form 7 plugin <= 2.7.0 - Privilege Escalation vulnerability
Summary
Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through 2.7.0.
Severity
7.6 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wpc… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qube One Ltd. | Redirection for Contact Form 7 |
Affected:
n/a , ≤ 2.7.0
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23990",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-22T18:11:21.330206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:22:21.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:49:08.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-7-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wpcf7-redirect",
"product": "Redirection for Contact Form 7",
"vendor": "Qube One Ltd.",
"versions": [
{
"changes": [
{
"at": "2.8.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.7.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Rafie Muhammad (Patchstack)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.\u003cp\u003eThis issue affects Redirection for Contact Form 7: from n/a through 2.7.0.\u003c/p\u003e"
}
],
"value": "Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a through 2.7.0."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:08:04.823Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/wpcf7-redirect/wordpress-redirection-for-contact-form-7-plugin-2-7-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 2.8.0 or a higher version."
}
],
"value": "Update to 2.8.0 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Redirection for Contact Form 7 plugin \u003c= 2.7.0 - Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-23990",
"datePublished": "2024-05-17T06:33:39.433Z",
"dateReserved": "2023-01-20T09:29:07.013Z",
"dateUpdated": "2026-04-28T16:08:04.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-24483 (GCVE-0-2023-24483)
Vulnerability from cvelistv5 – Published: 2023-02-16 00:00 – Updated: 2025-03-18 19:15
VLAI
Title
Privilege Escalation to NT AUTHORITY\SYSTEM on the vulnerable VDA
Summary
A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA.
Severity
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Virtual Apps and Desktops |
Affected:
Citrix Virtual Apps and Desktops , < 2212
(custom)
|
Date Public
2023-02-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24483",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T19:15:26.731039Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T19:15:51.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Citrix Virtual Apps and Desktops",
"vendor": "Citrix",
"versions": [
{
"changes": [
{
"at": "2203 LTSR before CU2 ",
"status": "unaffected"
},
{
"at": "1912 LTSR before CU6 ",
"status": "unaffected"
}
],
"lessThan": "2212",
"status": "affected",
"version": "Citrix Virtual Apps and Desktops",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-02-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified that, if exploited, could result in a local user elevating their privilege level to NT AUTHORITY\\SYSTEM on a Citrix Virtual Apps and Desktops Windows VDA."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T00:00:00.000Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX477616/citrix-virtual-apps-and-desktops-security-bulletin-for-cve202324483"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Privilege Escalation to NT AUTHORITY\\SYSTEM on the vulnerable VDA",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2023-24483",
"datePublished": "2023-02-16T00:00:00.000Z",
"dateReserved": "2023-01-24T00:00:00.000Z",
"dateUpdated": "2025-03-18T19:15:51.503Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24491 (GCVE-0-2023-24491)
Vulnerability from cvelistv5 – Published: 2023-07-11 21:13 – Updated: 2024-11-07 15:20
VLAI
Summary
A vulnerability has been discovered in the Citrix Secure Access client for Windows
which, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of NT AUTHORITY\SYSTEM.
Severity
7.8 (High)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Citrix | Citrix Secure Access client for Windows |
Affected:
0 , < 23.5.1.3
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:citrix:secure_access_client:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "secure_access_client",
"vendor": "citrix",
"versions": [
{
"lessThan": "23.5.1.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T15:20:05.532600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T15:20:58.467Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Citrix Secure Access client for Windows",
"vendor": "Citrix",
"versions": [
{
"lessThan": "23.5.1.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability has been discovered in the Citrix Secure Access client for Windows\u003c/span\u003e\n\n\n\nwhich, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNT AUTHORITY\\SYSTEM.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\nA vulnerability has been discovered in the Citrix Secure Access client for Windows\n\n\n\nwhich, if exploited, could allow an attacker with access to an endpoint with Standard User Account that has the vulnerable client installed to escalate their local privileges to that of\u00a0NT AUTHORITY\\SYSTEM.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T21:13:05.305Z",
"orgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"shortName": "Citrix"
},
"references": [
{
"url": "https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e437aed5-38e0-4fa3-a98b-cb73e7acaec6",
"assignerShortName": "Citrix",
"cveId": "CVE-2023-24491",
"datePublished": "2023-07-11T21:13:05.305Z",
"dateReserved": "2023-01-24T15:49:52.579Z",
"dateUpdated": "2024-11-07T15:20:58.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24509 (GCVE-0-2023-24509)
Vulnerability from cvelistv5 – Published: 2023-04-13 00:00 – Updated: 2025-02-07 15:42
VLAI
Title
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...
Summary
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.
Severity
9.3 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Arista Networks | Arista EOS |
Affected:
4.23.0 4.23.13M
Affected: 4.28.0 , ≤ 4.28.3M (custom) Affected: 4.27.0 , ≤ 4.27.6M (custom) Affected: 4.286.0 , ≤ 4.26.8M (custom) Affected: 4.25.0 , ≤ 4.25.9M (custom) Affected: 4.24.0 , ≤ 4.24.10M (custom) |
Date Public
2023-02-14 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:04.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-24509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:42:03.820627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:42:09.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Arista EOS",
"vendor": "Arista Networks",
"versions": [
{
"status": "affected",
"version": "4.23.0 4.23.13M"
},
{
"lessThanOrEqual": "4.28.3M",
"status": "affected",
"version": "4.28.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.27.6M",
"status": "affected",
"version": "4.27.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.26.8M",
"status": "affected",
"version": "4.286.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.25.9M",
"status": "affected",
"version": "4.25.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.24.10M",
"status": "affected",
"version": "4.24.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "In order to be vulnerable to CVE-2023-24509, the following conditions must be met:\n\nTwo supervisor modules must both be inserted and active. To determine the status of the supervisor modules,\n\nswitch#show module \nModule Ports Card Type Model Serial No.\n------- ----- ------------------------ ---------------- -----------\n1 3 DCS-7500-SUP2 Supervisor DCS-7500-SUP2 SSJ17133450\n2 2 Standby supervisor DCS-7500-SUP2 SSJ17133441\n \nModule Status Uptime Power off reason\n------- ------- ------- ----------------\n1 Active 0:24:58 N/A\n2 Standby 0:24:58 N/A\nSupervisor redundancy protocol must be configured with RPR(Route Processor Redundancy) or SSO (Stateful Switchover) on the switch. To determine the state and the current redundancy protocol of both supervisors on the switch,\n\nswitch#show redundancy status\n my state = ACTIVE\npeer state = STANDBY WARM\n Unit = Primary\n Unit ID = 1\n \nRedundancy Protocol (Operational) = Route Processor Redundancy\nRedundancy Protocol (Configured) = Route Processor Redundancy\nCommunications = Up\nReady for switchover\n \n Last switchover time = 7:23:56 ago\nLast switchover reason = Supervisor has control of the active supervisor lock"
}
],
"credits": [
{
"lang": "en",
"value": "Arista would like to acknowledge and thank Marc-Andr\u00e9 Labont\u00e9, Senior Information Security Analyst at Desjardins for responsibly reporting CVE-2023-24509."
}
],
"datePublic": "2023-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-13T00:00:00.000Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082"
}
],
"solutions": [
{
"lang": "en",
"value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nCVE-2023-24509 has been fixed in the following releases:\n\n4.28.4M and later releases in the 4.28.x train\n4.27.7M and later releases in the 4.27.x train\n4.26.9M and later releases in the 4.26.x train\n4.25.10M and later releases in the 4.25.x train\n4.24.11M and later releases in the 4.24.x train"
},
{
"lang": "en",
"value": "The following hotfix can be applied to remediate CVE-2023-24509. The hotfix only applies to the releases listed below and no other releases. All other versions require upgrading to a release containing the fix (as listed above).: \n\n4.28.3M and below releases in the 4.28.x train\n4.27.6M and below releases in the 4.27.x train\n4.26.8M and below releases in the 4.26.x train\n4.25.9M and below releases in the 4.25.x train\n4.24.10M\n4.23.13M\nNote: Installing/uninstalling the SWIX will cause ConfigAgent to restart and disconnect existing CLI sessions.\n\nVersion: 1.0\n\nURL: SecurityAdvisory82_CVE-2023-24509_Hotfix.swix\n\nSWIX hash:\n\n(SHA-512)7833ab99e11cfea1ec28c09aedffd062cfc865a20a843ee6184caff1081e748c8a02590644d0c7b0e377027379cbaadc8b1a70d1c37097bf98c1bedb429dca56"
}
],
"source": {
"advisory": "82",
"defect": [
"723401"
],
"discovery": "EXTERNAL"
},
"title": "On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...",
"workarounds": [
{
"lang": "en",
"value": "The workaround is to disable \u201cssh\u201d CLI command in unprivileged mode on the SSH client devices by using command authorization. This can be done with Role-Based Access Control (RBAC).\n\nIf the \u201cssh\u201d CLI command is currently used to connect to a remote host, the destination address can be added to an allowlist with RBAC."
}
],
"x_ConverterErrors": {
"TITLE": {
"error": "TITLE too long. Truncating in v5 record.",
"message": "Truncated!"
}
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2023-24509",
"datePublished": "2023-04-13T00:00:00.000Z",
"dateReserved": "2023-01-24T00:00:00.000Z",
"dateUpdated": "2025-02-07T15:42:09.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25133 (GCVE-0-2023-25133)
Vulnerability from cvelistv5 – Published: 2023-04-24 00:00 – Updated: 2025-02-04 17:22
VLAI
Title
Improper privilege management vulnerability in CyberPower PowerPanel Business
Summary
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.
Severity
9.1 (Critical)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| CyberPower | PowerPanel Business Local / Remote |
Affected:
unspecified , ≤ v4.8.6
(custom)
|
|
| CyberPower | PowerPanel Business Management |
Affected:
unspecified , ≤ v4.8.6
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:18:35.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://zuso.ai/Advisory/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T17:22:25.498117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T17:22:44.012Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows, MacOS, Linux"
],
"product": "PowerPanel Business Local / Remote",
"vendor": "CyberPower",
"versions": [
{
"lessThanOrEqual": "v4.8.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"Windows, MacOS, Linux"
],
"product": "PowerPanel Business Management",
"vendor": "CyberPower",
"versions": [
{
"lessThanOrEqual": "v4.8.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-24T00:00:00.000Z",
"orgId": "256c161b-b921-402b-8c3b-c6c9c14d5d88",
"shortName": "ZUSO ART"
},
"references": [
{
"url": "https://zuso.ai/Advisory/"
},
{
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads"
},
{
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads"
},
{
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads"
},
{
"url": "https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads"
}
],
"source": {
"defect": [
"ZA-2023-03"
],
"discovery": "EXTERNAL"
},
"title": "Improper privilege management vulnerability in CyberPower PowerPanel Business",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "256c161b-b921-402b-8c3b-c6c9c14d5d88",
"assignerShortName": "ZUSO ART",
"cveId": "CVE-2023-25133",
"datePublished": "2023-04-24T00:00:00.000Z",
"dateReserved": "2023-02-02T00:00:00.000Z",
"dateUpdated": "2025-02-04T17:22:44.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25535 (GCVE-0-2023-25535)
Vulnerability from cvelistv5 – Published: 2024-02-14 07:23 – Updated: 2024-08-06 19:19
VLAI
Summary
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023
Severity
7.2 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00021141… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Dell | SupportAssist Client Consumer |
Affected:
0 , < 3.13.2.19
(semver)
|
Date Public
2024-04-10 06:30
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:18.788Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000211410/dell-supportassist-for-home-pcs-security-update-for-installer-executable-file-for-local-privilege-escalation-lpe-vulnerability"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dell:supportassist_client_consumer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "supportassist_client_consumer",
"vendor": "dell",
"versions": [
{
"lessThan": "3.13.2.19",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25535",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T19:04:44.048121Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T19:19:14.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SupportAssist Client Consumer",
"vendor": "Dell",
"versions": [
{
"lessThan": "3.13.2.19",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "JaeHeng Yoon"
}
],
"datePublic": "2024-04-10T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023\u003c/span\u003e\n\n"
}
],
"value": "\nDell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T07:23:39.610Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000211410/dell-supportassist-for-home-pcs-security-update-for-installer-executable-file-for-local-privilege-escalation-lpe-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2023-25535",
"datePublished": "2024-02-14T07:23:39.610Z",
"dateReserved": "2023-02-07T09:35:27.079Z",
"dateUpdated": "2024-08-06T19:19:14.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25647 (GCVE-0-2023-25647)
Vulnerability from cvelistv5 – Published: 2023-08-17 02:13 – Updated: 2024-10-01 18:17
VLAI
Title
Permission and Access Control Vulnerability in Some ZTE Mobile Phones
Summary
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.
Severity
4.7 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ZTE | Some ZTE Mobile Phones |
Affected:
NON_EEA_P870F21V1.0.0B01 , ≤ V1.0.0B07
(V1.0.0B07)
Affected: GEN_ZTE_PQ82A01V1.0.0B01MR , ≤ V1.0.0B18MR (V1.0.0B18MR) Affected: GEN_ZTE_P870A01V3.0.0B01 , ≤ V3.0.0B05 (V3.0.0B05) Affected: GEN_ZTE_P898A01V2.0.0B01 , ≤ V2.0.0B16 (V2.0.0B16) |
Date Public
2023-07-27 02:10
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:25:19.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T18:11:54.039790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T18:17:44.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Some ZTE Mobile Phones",
"vendor": "ZTE",
"versions": [
{
"lessThanOrEqual": "V1.0.0B07",
"status": "affected",
"version": "NON_EEA_P870F21V1.0.0B01",
"versionType": "V1.0.0B07"
},
{
"lessThanOrEqual": "V1.0.0B18MR",
"status": "affected",
"version": " GEN_ZTE_PQ82A01V1.0.0B01MR",
"versionType": "V1.0.0B18MR"
},
{
"lessThanOrEqual": "V3.0.0B05",
"status": "affected",
"version": "GEN_ZTE_P870A01V3.0.0B01",
"versionType": "V3.0.0B05"
},
{
"lessThanOrEqual": "V2.0.0B16",
"status": "affected",
"version": "GEN_ZTE_P898A01V2.0.0B01",
"versionType": "V2.0.0B16"
}
]
}
],
"datePublic": "2023-07-27T02:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eT\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ehere is a permission and access control vulnerability in some ZTE mobile phones. Due to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eimproper access control\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eapplications in mobile phone c\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eould\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emonitor\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe touch\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;event.\u003c/span\u003e\n\n\n\n"
}
],
"value": "\n\n\nThere is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could\u00a0monitor\u00a0the touch\u00a0event.\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-554",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-554 Functionality Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-30T00:56:20.949Z",
"orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"shortName": "zte"
},
"references": [
{
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Permission and Access Control Vulnerability in Some ZTE Mobile Phones",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
"assignerShortName": "zte",
"cveId": "CVE-2023-25647",
"datePublished": "2023-08-17T02:13:19.932Z",
"dateReserved": "2023-02-09T19:47:48.022Z",
"dateUpdated": "2024-10-01T18:17:44.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation ID: MIT-48
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation ID: MIT-49
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.