PT-2023-23088 · Unknown · Kylin-Software-Properties

Set3R.Pan

Publicado

2023-06-05

Atualizado

2024-05-17

CVE-2023-3096

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions kylin-software-properties versions prior to 0.0.1-130

Description A critical issue has been found in the changedSource function, leading to improper access controls. This can be exploited locally. It is reported that the exploit has been disclosed publicly.

Recommendations For versions prior to 0.0.1-130, upgrade to version 0.0.1-130 to address this issue. As a temporary workaround, consider restricting access to the changedSource function until the upgrade is applied.

Exploit

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2023-3096

Produtos afetados

Kylin-Software-Properties

PT-2023-23088 · Unknown · Kylin-Software-Properties

CVE-2023-3096

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5