MEDIUM🇵🇱 Wersja polska

CVE-2023-7169

CVSS 6.0v3.1pub. 2024-02-08upd. 2024-11-21

Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows allows Signature Spoof.This issue affects Snow Inventory Agent: through 6.14.5. Customers advised to upgrade to version 7.0

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
  • Snowsoftware Snow Inventory Agent

    APP
    Snowsoftware
    < 7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-1149HIGH7.8ten sam produkt

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on MacOS, Snow...

CVE-2024-1150HIGH7.8ten sam produkt

Improper Verification of Cryptographic Signature vulnerability in Snow Software Inventory Agent on Unix allows...

CVE-2021-27579HIGH7.8ten sam produkt

Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and versions that may be...

CVE-2021-41562MEDIUM6.1ten sam produkt

A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. T...

CVE-2023-3864HIGH7.2ten sam vendor

Blind SQL injection in a service running in Snow Software license manager from version 8.0.0 up to and includi...