CVE-2023-22448 : Improper access control for some Intel Unison software may allow a privileged us

Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access.

Published 2023-11-14 19:15:18

Updated 2024-08-30 18:35:03

Source Intel Corporation

View at NVD, CVE.org

Products affected by CVE-2023-22448

Intel » Unison Software
Versions before (<) 20.14.4244
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Matching versions
When used together with: Google » Android » Version: N/A
Intel » Unison Software
Versions before (<) 20.14.2.3053
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Matching versions
When used together with: Apple » Iphone Os » Version: N/A
Intel » Unison Software
Versions before (<) 20.14.5683.0
cpe:2.3:a:intel:unison_software:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A

EPSS FAQ

0.07%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 34 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
5.9	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N	0.7	5.2	Intel Corporation
Attack Vector: Network Attack Complexity: High Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: None

Jump to