| Vulnerability Name: | CVE-2023-20032 (CCN-247502) |
| Assigned: | 2022-10-27 |
| Published: | 2023-02-15 |
| Updated: | 2023-07-19 |
| Summary: | |
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): High
Integrity (I): High
Availibility (A): High |
9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.8 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): High
Integrity (I): High
Availibility (A): High |
|
| CVSS v2 Severity: | 10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete |
|
| Vulnerability Consequences: | Gain Access |
| References: | Source: MITRE
Type: CNA
CVE-2023-20032
Source: CCN
Type: ClamAV Blog, Wednesday, February 15, 2023
ClamAV 0.103.8, 0.105.2 and 1.0.1 patch versions published
Source: XF
Type: UNKNOWN
clamav-cve202320032-bo(247502)
Source: CCN
Type: Packet Storm Security [02-15-2023]
Clam AntiVirus Toolkit 1.0.1
Source: CCN
Type: Cisco Security Advisory cisco-sa-clamav-q8DThCy
ClamAV HFS+ Partition Scanning Buffer Overflow Vulnerability Affecting Cisco Products: February 2023
Source: ykramarz@cisco.com
Type: Vendor Advisory
ykramarz@cisco.com
|
| Vulnerable Configuration: | Configuration CCN 1:
cpe:/a:clamav:clamav:0.93.3:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.92.1:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.91.2:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.90.3:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.86.2:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.68.1:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.60p:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.102.4:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.101.5:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.75.1:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.85.1:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.87.1:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.88.7:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.94.2:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.95.3:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.96.5:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.97.8:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.98.7:*:*:*:*:*:*:*OR cpe:/a:clamav:clamav:0.99.4:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| Oval Definitions |
|
| BACK |