CVE-2023-6253

CVSS V2 None CVSS V3 None

Description

A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file.

Overview

CVE ID
CVE-2023-6253

Assigner
SEC-VLab

Vulnerability Status
PUBLISHED

Published Version
2023-11-22T11:22:58.159Z

Last Modified Date
2023-11-22T11:22:58.159Z

Weakness Enumerations

CWE	URL
CWE-922	http://cwe.mitre.org/data/definitions/922.html

References

Reference URL	Reference Tags
https://www.fortra.com/security
https://r.sec-consult.com/fortra
http://seclists.org/fulldisclosure/2023/Nov/14
http://packetstormsecurity.com/files/175956/Fortra-Digital-Guardian-Agent-Uninstaller-Cross-Site-Scripting-UninstallKey-Cached.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-6253
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6253

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 07:15:11				Added to TrackCVE