CVE-2023-38544

5.3MEDIUM

Key Information:

Vendor: Ivanti
Status: Secure Access Linux
Vendor: CVE Published:; 15 November 2023

Summary

A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system.

Affected Version(s)

Secure Access Linux 22.6.1

References

https://forums.ivanti.com/s/article/Security-fixes-includ...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2023
Vulnerability Reserved
Jul 20, 2023

Collectors

NVD DatabaseMitre Database