5.5
CVE-2023-2818
- EPSS 0.04%
- Veröffentlicht 27.06.2023 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:59:20
- Quelle security@proofpoint.com
- CVE-Watchlists
- Unerledigt
LoginAn insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Proofpoint ≫ Insider Threat Management SwPlatformwindows Version < 7.14.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.122 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| security@proofpoint.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-281 Improper Preservation of Permissions
The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.