PT-2023-27224 · One Identity · One Identity Password Manager

Roi Hay

Publicado

2023-09-27

Atualizado

2023-09-29

CVE-2023-4003

CVSS v3.1

7.6

Alta

Vetor

AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions One Identity Password Manager version 5.9.7.1

Description An unauthenticated attacker with physical access to a workstation may upgrade privileges to SYSTEM through an unspecified method. This issue is related to execution with unnecessary privileges.

Recommendations For One Identity Password Manager version 5.9.7.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-250

Identificadores relacionados

CVE-2023-4003

Produtos afetados

One Identity Password Manager

PT-2023-27224 · One Identity · One Identity Password Manager

CVE-2023-4003

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4