A permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and earlier) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later.
References
Link | Resource |
---|---|
https://community.ui.com/releases/Security-Advisory-Bulletin-029-029/a47c68f2-1f3a-47c3-b577-eb70599644e4 | Vendor Advisory |
Configurations
History
01 May 2023, 20:25
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-732 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:a:ui:desktop:*:*:*:*:*:windows:*:* | |
References | (MISC) https://community.ui.com/releases/Security-Advisory-Bulletin-029-029/a47c68f2-1f3a-47c3-b577-eb70599644e4 - Vendor Advisory |
20 Apr 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-19 20:15
Updated : 2024-02-04 23:37
NVD link : CVE-2023-28123
Mitre link : CVE-2023-28123
CVE.ORG link : CVE-2023-28123
JSON object : View
Products Affected
ui
- desktop
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource