PT-2023-2999 · Unknown · Nexus Series+2
Publicado
2023-06-05
·
Atualizado
2024-09-19
·
CVE-2023-0635
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ASPECT-Enterprise versions 3.0;0 through 3.07.01
NEXUS Series versions 3.0;0 through 3.07.01
MATRIX Series versions 3.0;0 through 3.07.01
Description
The issue is related to improper privilege management, which can allow an attacker to escalate their privileges to the level of root. This can be exploited to gain unauthorized access and control.
Recommendations
For ASPECT-Enterprise versions 3.0;0 through 3.07.01, update to version 3.07.01 or later.
For NEXUS Series versions 3.0;0 through 3.07.01, update to version 3.07.01 or later.
For MATRIX Series versions 3.0;0 through 3.07.01, update to version 3.07.01 or later.
As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Aspect-Enterprise
Matrix Series
Nexus Series