CVE-2017-3747

{"id": "CVE-2017-3747", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2017-06-29T15:29:00.160", "references": [{"url": "http://www.securityfocus.com/bid/99286", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@lenovo.com"}, {"url": "https://support.lenovo.com/us/en/product_security/LEN-15046", "tags": ["Vendor Advisory"], "source": "psirt@lenovo.com"}, {"url": "http://www.securityfocus.com/bid/99286", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://support.lenovo.com/us/en/product_security/LEN-15046", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Privilege escalation vulnerability in Lenovo Nerve Center for Windows 10 on Desktop systems (Lenovo Nerve Center for notebook systems is not affected) that could allow an attacker with local privileges on a system to alter registry keys."}, {"lang": "es", "value": "Vulnerabilidad de escalado de privilegios en Lenovo Nerve Center para Windows 10 en sistemas de sobremesa (Lenovo Nerve Center para notebooks no se ha visto afectado) que podr\u00eda permitir que un atacante con privilegios locales en un sistema altere claves de registro."}], "lastModified": "2024-11-21T03:26:03.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lenovo:nerve_center:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F8A7D1B-AF5B-43B6-B1FB-39749ADC0E9B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@lenovo.com"}