{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2818", "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "state": "PUBLISHED", "assignerShortName": "Proofpoint", "dateReserved": "2023-05-19T20:44:55.575Z", "datePublished": "2023-06-27T14:29:49.258Z", "dateUpdated": "2024-11-07T17:06:01.258Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Agent"], "platforms": ["Windows"], "product": "Insider Threat Management", "vendor": "Proofpoint", "versions": [{"lessThan": "7.14.3", "status": "affected", "version": "0", "versionType": "semver"}]}], "datePublic": "2023-06-25T14:25:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected."}], "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-281", "description": "CWE-281 Improper Preservation of Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint", "dateUpdated": "2023-06-27T14:31:22.344Z"}, "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"}], "source": {"discovery": "UNKNOWN"}, "title": "ITM Windows Agent Insecure Filesystem Permissions", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.639Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-07T17:05:48.990666Z", "id": "CVE-2023-2818", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T17:06:01.258Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.639Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-2818", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-07T17:05:48.990666Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-07T17:05:56.993Z"}}], "cna": {"title": "ITM Windows Agent Insecure Filesystem Permissions", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Proofpoint", "modules": ["Agent"], "product": "Insider Threat Management", "versions": [{"status": "affected", "version": "0", "lessThan": "7.14.3", "versionType": "semver"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "datePublic": "2023-06-25T14:25:00.000Z", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.", "supportingMedia": [{"type": "text/html", "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-281", "description": "CWE-281 Improper Preservation of Permissions"}]}], "providerMetadata": {"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint", "dateUpdated": "2023-06-27T14:31:22.344Z"}}}, "cveMetadata": {"cveId": "CVE-2023-2818", "state": "PUBLISHED", "dateUpdated": "2024-11-07T17:06:01.258Z", "dateReserved": "2023-05-19T20:44:55.575Z", "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "datePublished": "2023-06-27T14:29:49.258Z", "assignerShortName": "Proofpoint"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "E5C0D9BE-61C4-46F5-A634-85D68173447C", "versionEndExcluding": "7.14.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected."}], "id": "CVE-2023-2818", "lastModified": "2024-11-21T07:59:20.993", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-06-27T15:15:10.350", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-281"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-281"}], "source": "[email protected]", "type": "Primary"}]}

{}