exploitDog

GHSA-3g2w-rhvj-j46g

Опубликовано: 27 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.

A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.

Ссылки

EPSS

Процентиль: 2%

0.00014

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-367

Связанные уязвимости

CVE-2022-3700

CVSS3: 6.1

nvd

больше 2 лет назад

A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage SystemUpdate Plugin version 2.0.0.212 and earlier that could allow a local attacker to delete arbitrary files.

EPSS

Процентиль: 2%

0.00014

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-367