CVE-2023-39221Improper Access Control in Intel Unison Software

CWE-284Improper Access Control3 documents3 sources
Severity
8.8HIGHNVD
CNA5.4
EPSS
0.2%
top 63.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Unison Software
Timeline
PublishedNov 14

Description

Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDintel/unison_software< 20.14.5683.0+2

🔴Vulnerability Details

2
CVEList
CVE-2023-39221: Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network acces2023-11-14
GHSA
GHSA-42gp-78x8-7p5j: Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network acces2023-11-14
CVE-2023-39221 — Improper Access Control in Intel | cvebase