exploitDog

CVE-2023-44219

Опубликовано: 27 окт. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.

Ссылки

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016
Vendor Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0016
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:sonicwall:directory_services_connector:*:*:*:*:*:*:*:*

Версия до 4.1.22 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%

0.00044

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269

Связанные уязвимости

GHSA-2872-q84r-25gg

CVSS3: 7.8

github

почти 2 года назад

A local privilege escalation vulnerability in SonicWall Directory Services Connector Windows MSI client 4.1.21 and earlier versions allows a local low-privileged user to gain system privileges through running the recovery feature.

EPSS

Процентиль: 12%

0.00044

Низкий

7.8 High

CVSS3

Дефекты

CWE-269

CWE-269