CVE-2022-26239

{"id": "CVE-2022-26239", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-10-06T18:15:56.337", "references": [{"url": "https://pastebin.com/1QEHrj01", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.beckmancoulter.com/products/clinical-information-management-tools/remisol-advance", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data."}, {"lang": "es", "value": "Los privilegios por defecto para el servicio en ejecuci\u00f3n Normand License Manager en Beckman Coulter Remisol Advance versiones v2.0.12.1 y anteriores, permite a usuarios no privilegiados sobrescribir y manipular ejecutables y bibliotecas. Esto permite a atacantes acceder a datos confidenciales"}], "lastModified": "2022-10-10T03:00:14.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beckmancoulter:remisol_advance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D41AA48E-8624-46FB-B13B-33AA63D2E8B0", "versionEndIncluding": "2.0.12.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}