CVE-2022-38176

EPSS 0.1%
Veröffentlicht 06.09.2022 21:15:08
Zuletzt bearbeitet 21.11.2024 07:15:56
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as CVE-2021-31859.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ysoft ≫ Safeq Version6.0 Update-

Ysoft ≫ Safeq Version6.0 Updatebuild32

Ysoft ≫ Safeq Version6.0 Updatebuild33

Ysoft ≫ Safeq Version6.0 Updatebuild34

Ysoft ≫ Safeq Version6.0 Updatebuild35

Ysoft ≫ Safeq Version6.0 Updatebuild36

Ysoft ≫ Safeq Version6.0 Updatebuild37

Ysoft ≫ Safeq Version6.0 Updatebuild38

Ysoft ≫ Safeq Version6.0 Updatebuild39

Ysoft ≫ Safeq Version6.0 Updatebuild40

Ysoft ≫ Safeq Version6.0 Updatebuild41

Ysoft ≫ Safeq Version6.0 Updatebuild42

Ysoft ≫ Safeq Version6.0 Updatebuild43

Ysoft ≫ Safeq Version6.0 Updatebuild44

Ysoft ≫ Safeq Version6.0 Updatebuild45

Ysoft ≫ Safeq Version6.0 Updatebuild46

Ysoft ≫ Safeq Version6.0 Updatebuild47

Ysoft ≫ Safeq Version6.0 Updatebuild48

Ysoft ≫ Safeq Version6.0 Updatebuild49

Ysoft ≫ Safeq Version6.0 Updatebuild50

Ysoft ≫ Safeq Version6.0 Updatebuild51

Ysoft ≫ Safeq Version6.0 Updatebuild52

Ysoft ≫ Safeq Version6.0 Updatebuild53

Ysoft ≫ Safeq Version6.0 Updatebuild54

Ysoft ≫ Safeq Version6.0 Updatebuild55

Ysoft ≫ Safeq Version6.0 Updatebuild56

Ysoft ≫ Safeq Version6.0 Updatebuild57

Ysoft ≫ Safeq Version6.0 Updatebuild58

Ysoft ≫ Safeq Version6.0 Updatebuild59

Ysoft ≫ Safeq Version6.0 Updatebuild60

Ysoft ≫ Safeq Version6.0 Updatebuild61

Ysoft ≫ Safeq Version6.0 Updatebuild62

Ysoft ≫ Safeq Version6.0 Updatebuild63

Ysoft ≫ Safeq Version6.0 Updatebuild64

Ysoft ≫ Safeq Version6.0 Updatebuild65

Ysoft ≫ Safeq Version6.0 Updatebuild66

Ysoft ≫ Safeq Version6.0 Updatebuild67

Ysoft ≫ Safeq Version6.0 Updatebuild68

Ysoft ≫ Safeq Version6.0 Updatebuild69

Ysoft ≫ Safeq Version6.0 Updatebuild70

Ysoft ≫ Safeq Version6.0 Updatebuild71

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.291

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

https://www.ysoft.com/en/legal/ysoft-safeq-client-v3-local-privilege-escalation

Vendor Advisory

https://ysoft.com

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-38176

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-38176

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-38176

EUVD