CVE-2016-8235

Опубликовано: 10 апр. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Privilege escalation in Lenovo Customer Care Software Development Kit (CCSDK) versions earlier than 2.0.16.3 allows local users to execute code with elevated privileges.

Ссылки

http://www.securityfocus.com/bid/97543
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-11340
Vendor Advisory
http://www.securityfocus.com/bid/97543
Third Party Advisory
VDB Entry
https://support.lenovo.com/us/en/solutions/LEN-11340
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lenovo:customer_care_software_development_kit:*:*:*:*:*:*:*:*

Версия до 2.0.16 (включая)

EPSS

Процентиль: 20%

0.00064

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-7vp9-w5w6-758h