6.7

CVE-2022-47529

Exploit

EPSS 3.35%
Veröffentlicht 28.03.2023 13:15:07
Zuletzt bearbeitet 21.11.2024 07:32:09
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protection features via ACL modification.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rsa ≫ Netwitness Version < 12.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.35%	0.868

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

http://seclists.org/fulldisclosure/2023/Mar/26

Third Party Advisory

Exploit

Mailing List

http://seclists.org/fulldisclosure/2024/Apr/17

https://community.netwitness.com/t5/netwitness-platform-security/nw-2023-04-netwitness-platform-security-advisory-cve-2022-47529/ta-p/696935

Permissions Required

https://github.com/hyp3rlinx/CVE-2022-47529

https://hyp3rlinx.altervista.org/advisories/RSA_NETWITNESS_EDR_AGENT_INCORRECT_ACCESS_CONTROL_CVE-2022-47529.txt

Third Party Advisory

Exploit

https://packetstormsecurity.com/files/171476/RSA-NetWitness-Endpoint-EDR-Agent-12.x-Incorrect-Access-Control-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

https://seclists.org/fulldisclosure/2023/Mar/16

Third Party Advisory

Mailing List

https://twitter.com/hyp3rlinx/status/1639335477839790105

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-47529

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-47529

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-47529

EUVD