Описание
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:bd:facschorus:5.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:5.1:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_z2_tower_g9:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:a:bd:facschorus:3.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:3.1:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_z2_tower_g5:-:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00043
Низкий
4.1 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-277
CWE-732
Связанные уязвимости
CVSS3: 4.1
github
около 2 лет назад
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database.
EPSS
Процентиль: 13%
0.00043
Низкий
4.1 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-277
CWE-732