Search for vulnerabilities
Vulnerability details: VCID-9ssz-etnn-aaah
Vulnerability ID VCID-9ssz-etnn-aaah
Aliases CVE-2023-4527
Summary A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
Status Published
Exploitability 0.5
Weighted Severity 5.9
Risk 3.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-125 Out-of-bounds Read
CWE-121 Stack-based Buffer Overflow
System Score Found at
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2023:5453
ssvc Track https://access.redhat.com/errata/RHSA-2023:5453
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2023:5455
ssvc Track https://access.redhat.com/errata/RHSA-2023:5455
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json
cvssv3.1 6.5 https://access.redhat.com/security/cve/CVE-2023-4527
ssvc Track https://access.redhat.com/security/cve/CVE-2023-4527
epss 0.00093 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00105 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00108 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00142 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00146 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00146 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00146 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.00146 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.01473 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
epss 0.03451 https://api.first.org/data/v1/epss?cve=CVE-2023-4527
cvssv3.1 6.5 https://bugzilla.redhat.com/show_bug.cgi?id=2234712
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=2234712
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-4527
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2023-4527
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json
https://access.redhat.com/security/cve/CVE-2023-4527
https://api.first.org/data/v1/epss?cve=CVE-2023-4527
https://bugzilla.redhat.com/show_bug.cgi?id=2234712
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4DBUQRRPB47TC3NJOUIBVWUGFHBJAFDL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFG4P76UHHZEWQ26FWBXG76N2QLKKPZA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDAQWHTSVOCOZ5K6KPIWKRT3JX4RTZUR/
https://security.netapp.com/advisory/ntap-20231116-0012/
http://www.openwall.com/lists/oss-security/2023/09/25/1
1051958 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051958
cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus_s390x:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_s390x:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:*
cpe:/a:redhat:enterprise_linux:8::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/a:redhat:enterprise_linux:8::crb https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
cpe:/a:redhat:enterprise_linux:9::appstream https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:enterprise_linux:9::crb https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
cpe:/o:redhat:enterprise_linux:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
cpe:/o:redhat:enterprise_linux:9::baseos https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
CVE-2023-4527 https://nvd.nist.gov/vuln/detail/CVE-2023-4527
GLSA-202310-03 https://security.gentoo.org/glsa/202310-03
RHSA-2023:5453 https://access.redhat.com/errata/RHSA-2023:5453
RHSA-2023:5455 https://access.redhat.com/errata/RHSA-2023:5455
USN-6409-1 https://usn.ubuntu.com/6409-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:5453
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/ Found at https://access.redhat.com/errata/RHSA-2023:5453
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:5455
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/ Found at https://access.redhat.com/errata/RHSA-2023:5455
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://access.redhat.com/security/cve/CVE-2023-4527
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/ Found at https://access.redhat.com/security/cve/CVE-2023-4527
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=2234712
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2234712
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4527
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-4527
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.27269
EPSS Score 0.00093
Published At June 25, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.