CVE-2022-2188

Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:00

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 5.5
v2 : unknown
v3 : 6.5
References () https://kcm.trellix.com/corporate/index?page=content&id=SB10383 - Vendor Advisory () https://kcm.trellix.com/corporate/index?page=content&id=SB10383 - Vendor Advisory

07 Nov 2023, 03:46

Type Values Removed Values Added
Summary Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker. Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-863 CWE-732

Information

Published : 2022-11-07 12:15

Updated : 2024-11-21 07:00


NVD link : CVE-2022-2188

Mitre link : CVE-2022-2188

CVE.ORG link : CVE-2022-2188


JSON object : View

Products Affected

mcafee

  • data_exchange_layer

microsoft

  • windows
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource