CVE-2023-28130: Local Priv Escalation in Cisco Gaia Portal Hostnames
CVE-2023-28130 Published on July 26, 2023

Local user may lead to privilege escalation using Gaia Portal hostnames page.

NVD

Vulnerability Analysis

CVE-2023-28130 is exploitable with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2023-28130. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2023-28130

Want to know whenever a new CVE is published for Check Point Software Gaia Portal? stack.watch will email you.

Check Point Software Gaia Portal

Exploit Probability

EPSS

3.79%

Percentile

87.95%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2023-28130: Local Priv Escalation in Cisco Gaia Portal HostnamesCVE-2023-28130 Published on July 26, 2023

Vulnerability Analysis

Weakness Type

Improper Input Validation

Products Associated with CVE-2023-28130

Exploit Probability

CVE-2023-28130: Local Priv Escalation in Cisco Gaia Portal Hostnames
CVE-2023-28130 Published on July 26, 2023