CVE-2023-4003

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Sep 27, 2023
Updated: Sep 29, 2023
CWE ID 250

Summary

CVE-2023-4003 is a vulnerability in One Identity Password Manager version 5.9.7.1, where an unauthenticated attacker with physical access to a workstation can upgrade privileges to SYSTEM through an unspecified method. This vulnerability falls under CWE-250, which is Execution with Unnecessary Privileges. The affected products include t0KDpT, t0KDpS, and t0KDpR. The base severity of this vulnerability is rated as MEDIUM, with a base score of 6.8 according to [email protected]. The impact includes HIGH integrity and confidentiality impacts, and the exploitability score is 0.9. This vulnerability poses a potential danger to organizations as it could allow unauthorized access and privilege escalation on affected systems. Remediation steps are not provided in the given information.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4003 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options