CVE-2023-28142

A Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on that asset to run arbitrary commands. At the time of this disclosure, versions before 4.0 are classified as End of Life.

CVSS v3 7.0 HIGH

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.qualys.com/security-advisories/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:windows:*:*

History

28 Apr 2023, 13:18

Type	Values Removed	Values Added
References	~~(MISC) https://www.qualys.com/security-advisories/ -~~	(MISC) https://www.qualys.com/security-advisories/ - Vendor Advisory
CWE		CWE-362
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.0
First Time		Qualys cloud Agent Qualys
CPE		cpe:2.3:a:qualys:cloud_agent::::::windows::*

18 Apr 2023, 17:36

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-04-18 16:15

Updated : 2023-12-10 15:01

NVD link : CVE-2023-28142

Mitre link : CVE-2023-28142

CVE.ORG link : CVE-2023-28142

JSON object : View

Products Affected

qualys

cloud_agent

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

{"id": "CVE-2023-28142", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}, {"type": "Secondary", "source": "bugreport@qualys.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}]}, "published": "2023-04-18T16:15:09.153", "references": [{"url": "https://www.qualys.com/security-advisories/", "tags": ["Vendor Advisory"], "source": "bugreport@qualys.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}, {"type": "Secondary", "source": "bugreport@qualys.com", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "\nA Race Condition exists in the Qualys Cloud Agent for Windows\nplatform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to\nescalate privileges limited on the local machine during uninstallation of the\nQualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on\nthat asset to run arbitrary commands.\n\n\n\nAt the time of this disclosure, versions before 4.0 are classified as End\nof Life.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"}], "lastModified": "2023-04-28T13:18:20.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:qualys:cloud_agent:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "A3C649A1-257A-441A-A11B-33208739DABD", "versionEndExcluding": "4.5.3.1", "versionStartIncluding": "3.1.3.34"}], "operator": "OR"}]}], "sourceIdentifier": "bugreport@qualys.com"}