CVE-2023-28130

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jul 26, 2023

Updated: Aug 2, 2023

CWE ID 77

CWE ID 20

Summary

CVE-2023-28130 is a recently disclosed vulnerability that grants local users the ability to escalate privileges through the Gaia Portal hostnames page. By manipulating the hostnames listed on this page, a user can potentially execute arbitrary code with higher privileges, posing a significant security risk to affected systems. This issue underscores the importance of keeping software up-to-date and implementing strict access controls to mitigate escalation attacks. Users are advised to apply the necessary patches to address this vulnerability promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Check Point Software Technologies Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sHw3uc
https://www.cve.org/CVERecord?id=CVE-2023-28130
https://nvd.nist.gov/vuln/detail/CVE-2023-28130

Back to Vulnerability Database

CVE-2023-28130

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations