cbcvebase.
CVE-2023-38544
published 2023-11-15

CVE-2023-38544: A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited…

PriorityP427medium5.5CVSS 3.1
AVLACLPRLUINSUCNIHAN
EPSS
0.37%
29.2th percentile
A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system.

Affected

3 ranges
VendorProductVersion rangeFixed in
ivantisecure_access_client
ivantisecure_access_client
ivantisecure_access_linux>= 22.6.1 < 22.6.122.6.1

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv3.05.3MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.