CVE-2023-43081

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Nov 22, 2023

Updated: Nov 27, 2023

CWE ID 276

Summary

CVE-2023-43081 is a vulnerability affecting PowerProtect Agent for File System versions 19.14 and older. The issue lies in the ddfscon component, which has incorrect default permissions. A low-privileged local attacker can exploit this flaw, resulting in the overwriting of log files. This vulnerability could potentially allow an attacker to gain unauthorized access to sensitive information or disrupt system operations. Organizations using the affected PowerProtect Agent should apply the necessary patches to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ssSJ2g
https://www.cve.org/CVERecord?id=CVE-2023-43081
https://nvd.nist.gov/vuln/detail/CVE-2023-43081

Back to Vulnerability Database

CVE-2023-43081

CVSS 3.1 Score 3.3 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations