CVE-2023-2417 Vulnerability Details

  /     /     /  

CVE-2023-2417 Metadata Quick Info

CVE Published: 29/04/2023 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: VulDB | Vendor: ks-soft | Product: Advanced Host Monitor
Status : PUBLISHED

---

CVE-2023-2417 Description

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 12.60 is able to address this issue. It is recommended to upgrade the affected component. VDB-227714 is the identifier assigned to this vulnerability.

Metrics

CVSS Version: 3.1 | Base Score: 5.3 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-428
CWE Name: CWE-428 Unquoted Search Path
Source: ks-soft

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).