CVE-2020-10962

{"id": "CVE-2020-10962", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-08-01T02:15:09.687", "references": [{"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases", "tags": ["Release Notes"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."}], "lastModified": "2023-08-04T16:05:31.783", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:psappdeploytoolkit:powershell_app_deployment_toolkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "558B3D55-C116-4416-9527-23E0FF25FC7D", "versionEndIncluding": "3.8.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}