CVE-2023-43081 MEDIUM

CVE-2023-43081

Vendor Dell
Product PowerProtect Agent for File System
Weakness CWE-276
Published November 22, 2023
Last update October 1, 2024

CVSS base score

4.0/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

PowerProtect Agent for File System Version 19.14 and prior, contains an incorrect default permissions vulnerability in ddfscon component. A low Privileged local attacker could potentially exploit this vulnerability, leading to overwriting of log files.

Key dates

02Disclosure timeline

November 22, 2023 CVE published
October 1, 2024 Record updated