CVE-2022-48227

EPSS 0.06%
Veröffentlicht 04.04.2023 16:15:07
Zuletzt bearbeitet 13.02.2025 22:15:08
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges because it opens Notepad after the installation of AssureID, Identify x64, and Identify x86, aka CORE-7361.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gbgplc ≫ Acuant Asureid Sentinel Version < 5.2.149

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.192

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://acuant.com

Not Applicable

https://hackandpwn.com/disclosures/CVE-2022-48227.pdf

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-48227

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-48227

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-48227

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-48227