CVE-2023-39433 MEDIUM

CVE-2023-39433

Vendor N/A

Product Intel(R) CST software

Weakness CWE-284

Published May 16, 2024

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

4.4/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

What the vulnerability does

01Description

Improper access control for some Intel(R) CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access.

Key dates

02Disclosure timeline

May 16, 2024 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-39433 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2022-35689 Adobe Commerce Improper Access Control Security feature bypass CVE-2022-1553 Leaking password protected articles content due to improper access control in publify/publify CVE-2020-1754 CVE-2026-42205 Avo: Broken Access Control: Unauthorized Execution of Arbitrary Action Classes Across Resources CVE-2020-7278 McAfee firewall rules not enforced correctly