CVSS 3.1 Score 6.6 of 10 (medium)


Published Dec 23, 2023
Updated: Feb 8, 2024
CWE ID 269


CVE-2023-7090 is a vulnerability that affects multiple products including UecdB3, UecdBp, UecdBe, X7EV5U, and X7EV5W. The vulnerability is classified as a privilege mismanagement flaw in sudo, specifically in the handling of ipa_hostname. This flaw allows client hosts to retain privileges even after retracting them. The potential danger to organizations is that it can lead to unauthorized access and privilege escalation. To remediate this vulnerability, it is recommended to update the affected products to the latest version or apply patches provided by the vendors.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-7090 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options