CVE-2023-3160

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions.
References
Link Resource
https://support.eset.com/en/ca8466 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*
cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*
cpe:2.3:a:eset:nod32:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*

History

21 Aug 2023, 16:03

Type Values Removed Values Added
First Time Eset nod32
Eset endpoint Antivirus
Eset
Eset mail Security
Eset server Security
Eset smart Security
Eset endpoint Security
Eset security
Eset internet Security
CPE cpe:2.3:a:eset:internet_security:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
cpe:2.3:a:eset:nod32:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*
cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
cpe:2.3:a:eset:smart_security:-:*:*:*:premium:*:*:*
cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:*:*:*
cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:-:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-269
References (MISC) https://support.eset.com/en/ca8466 - (MISC) https://support.eset.com/en/ca8466 - Vendor Advisory

14 Aug 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-14 10:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-3160

Mitre link : CVE-2023-3160

CVE.ORG link : CVE-2023-3160


JSON object : View

Products Affected

eset

  • smart_security
  • nod32
  • endpoint_security
  • server_security
  • internet_security
  • mail_security
  • security
  • endpoint_antivirus
CWE
CWE-269

Improper Privilege Management