exploitDog

GHSA-4639-7gfm-29p2

Опубликовано: 15 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 6.7

Описание

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

Ссылки

EPSS

Процентиль: 3%

0.00016

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2023-49721

CVSS3: 6.7

ubuntu

почти 2 года назад

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

CVE-2023-49721

CVSS3: 6.7

nvd

почти 2 года назад

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot.

CVE-2023-49721

CVSS3: 6.7

debian

почти 2 года назад

An insecure default to allow UEFI Shell in EDK2 was left enabled in LX ...

EPSS

Процентиль: 3%

0.00016

Низкий

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-276