CVE-2023-2818

EPSS 0.15%
Veröffentlicht 27.06.2023 15:15:10
Zuletzt bearbeitet 21.11.2024 07:59:20
Quelle security@proofpoint.com
CVE-Watchlists
Login
Unerledigt
Login

ITM Windows Agent Insecure Filesystem Permissions

An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Proofpoint ≫ Insider Threat Management SwPlatformwindows Version < 7.14.3

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.041

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
security@proofpoint.com	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-281 Improper Preservation of Permissions

The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-2818

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-2818

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-2818

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-2818