CVE-2023-50442

{"id": "CVE-2023-50442", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-12-13T21:15:09.653", "references": [{"url": "https://www.primx.eu/en/bulletins/security-bulletin-23B30933/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.primx.eu/fr/blog/", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Encrypted folders created by PRIMX ZONECENTRAL through 2023.5 can be modified by a local attacker (with appropriate privileges) so that specific file types are excluded from encryption temporarily. (This modification can, however, be detected, as described in the Administrator Guide.)"}, {"lang": "es", "value": "Un atacante local (con los privilegios adecuados) puede modificar las carpetas cifradas creadas por PRIMX ZONECENTRAL hasta 2023.5 para que tipos de archivos espec\u00edficos queden excluidos del cifrado temporalmente. (Sin embargo, esta modificaci\u00f3n se puede detectar, como se describe en la Gu\u00eda del administrador)."}], "lastModified": "2023-12-20T18:29:15.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:primx:zonecentral:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "70D83FB5-F2D7-43E1-9EA9-6AC0B3023EEC", "versionEndIncluding": "2023.5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}